iso 27001
TRANSCRIPT
Manage and Secure your Information
ISO 27001Information Security Management Systems
Rev - 1
Centre forAssessment Ltd
If you use information (and every organisation does), you should be aware of ISO 27001.
ISO 27001 is an internationally recognised standard, providing a management system framework to ensure that your information is secured under management control.
By adopting its requirements; identi�cation and classi�cation of information; considering threats and controlling availability; preserving integrity and protecting con�dentiality; youcan signi�cantly reduce your business risks.
Certi�cation to ISO 27001 is proof of independent veri�cation that your Information Security Management System meets the international standard and is continually maintained & improved to keep up with new threats.
Any organisation which is certi�cated to ISO 27001 can be relied upon to respond e�ectively to any threat tobusiness continuity, protect information against breaches in con�dentiality and to demonstrate governance ofits information technology systems.
What are the bene�ts?
- Demonstrates the independent assurance of your internal controls and meets corporate governance and business continuity requirements
- Independently demonstrates that applicable laws and regulations are observed
- Provides a competitive edge by meeting contractual requirements and demonstrating to your customers that the security of their information is paramount
- Independently veri�es that your organizational risks are properly identi�ed, assessed and managed, while formalizing information security processes, procedures and documentation
- Proves your senior management’s commitment to the security of its information
- The regular assessment process helps you to continually monitor your performance and improve
The bene�ts can be substantial.
Next Step!
If you would like further information call:
T: 01925 256650
F 01925 256683E [email protected] W www.centreforassessment.co.uk
CENTRE FOR ASSESSMENT LTD. 6e Mandarin Court, Centre Park, Warrington, WA1 1GGT 01925 256650 F 01925 256683 E [email protected] W www.centreforassessment.co.uk
OVERVIEW OF ISO 27001 ASSESSMENT PROCESS
1 - ENQUIRYInitial telephone call followed by information pack containing costs,
assessment process and details of commitment scheme.
3 - ASSESSOR CONTACTInitial agreement/discussion, agree onsite dates/timescales.
4 - STAGE 1 ASSESSMENTAlways held at your premises, Stage 1 aims to establish
that your occupational management system meets the requirementsof ISO 27001. This also includes a detailed review of the site and adjoining areas. We are also looking at the related processes
taking place. The assessor will feedback �ndings throughout the assessment and leave a detailed report that clearly identi�es
any gaps that need to be addressed.
5 - STAGE 2 ASSESSMENT.The Assessor develops an assessment plan and forwards to you
prior to the assessment.
2 - COMMITMENTWelcome pack, commitment certi�cate & initial contact.
6 - STAGE 2 ASSESSMENTCarried out onsite, Stage 2 Assessment veri�es that
you are working to the occupational management system and you are meeting the requirements of ISO 27001.
We will be Assessing your onsite practices and the records that support your activities.
7 - FINAL VERIFICATIONYour application is submitted to an external panel for approval.
Approved applicants receive: Award Letter, Certi�cate, aCD ROM containing the Certi�cation Marks and a Customer
Satisfaction Questionnaire
8 - ANNUAL SURVEILLANCEAll organisations certi�ed for ISO 27001 are required to
undergo annual surveillance visits. The assessor will agree the date with you at the end of your stage 2 assessment. We willremind you 1 month prior to that visit. The assessor will alsocontact before the onsite visit. We will notify you of ongoing
communication & invite you to events and updates
NB Organisations that do not meet the requirement of ISO 27001 during the Stage 2 Assessment are required to have
a revisit to verify the gaps have been addresses.
Any gaps identi�ed are addressed at this stage.