|
|
|
|
|
|
Many organizations have a series of Information security policies and procedures.
It is common for organizations to have acceptable usage policies, asset registers
and incident response plans, however they are often fragmented and do not address
information security at all levels. ISO 27001 aims to formalise Information Security
by bringing it under the control of an explicit management framework. This touches
more than just Information Technology. It considers all information security risks,
including physical and logical threats, vulnerabilities and impacts.
|
|
|
Nettitude is an ISO 27001 registered organization and it has a team of Security
Consultants that are certified as ISO 27001 Lead Auditors. As well as being fully
versed in all aspects or policy and procedural audit, Nettitude is also able to
offer technical advice and guidance on mechanisms to reduce risks and minimise threats,
vulnerabilities and impacts.
Nettitude has strong relationships with a number of certification bodies and as
a consequence is able to take an organization all the way through from Gap Analysis
to Pre-Audit and on to Final Audit. The Final Audit is not conducted by Nettitude,
as the standard requires that there is separation of duty between the consultancy
and the assessor. However, this process is fully managed by Nettitude, and the fact
that the auditor is a separate legal entity is largely transparent to Nettitude's
client.
To find out more about how Nettitude can help you with your Compliance requirements,
please complete our contact form,
and a Consultant will respond to your enquiry.