The renowned international Code of Practice for information security management offers a means by which certification against the standard can be achieved.
Organizations certified to ISO27001 have demonstrated that their ISMS is of a level currently considered globally to represent best practice.
Other organizations are utilizing the Code of Practice in their compliance programs to satisfy their internal requirements to achieve best practice.
Our approach by supporting customers to go through the route to certification comprises a number of stages, typically:
- Identification of Scope
- Gap Analysis
- Risk Assessment
- Security Improvement Plan
- Statement of Applicability
- Training and Awareness
- Mock Assessment
GRC3D has undertaken a large number of compliance and certification projects and is able to assist organizations in the pursuit of certification in a simple and effective manner.