Information Security (ISO 27001)
How we help?
Once considered a nice-to-have certification, ISO 27001 has become the de facto standard for businesses looking to ensure their systems, processes, data and staff comply with today's Information Security requirements. Companies are finding they are losing out to the competition when engaging in tenders and RFPs; to state you "abide by ISO 27001 but are not yet certified" is no longer a plausible excuse. Your customers expect you to manage their data securely and to be able to evidence this. A certified Information Security Management System provides this.
PECOMi Consulting offer a wide range of services to help.
ISO 27001/ISMS Gap Analysis
An initial Information Security Gap Analysis via an on-site review to determine your current position, and to advise on the areas that require attention. Our team have many years of experience from both a management and technical perspective, providing expert advice on cost-effective measures.
ISO 27001/ISMS gap analysis will include:
Understanding the scope of your existing ISMS (or helping to define the framework if none exists)
A review of your policies and procedures
Interviews with your management team to understand current business processes
Once complete, a detailed report will be provided defining your framework or outlining the maturity of your existing ISMS, with a breakdown of recommendations and a summary of further actions.
Information Security Management System (ISMS) Implementation
ISO 27001:2013 is the certification of your Information Security Management System (ISMS). PECOMi Consulting offers either guidance or a full implementation of an ISMS on your behalf. You choose what level of support you require.
This process will include supporting the appropriate certification process with your choice of certifying body, and continuing to help until completion. PECOMi Consulting will manage this process for you.
Virtual Information Security Manager (VISM)
How do smaller businesses afford to employ full-time staff to manage the ISMS once implemented? Often, the role of managing Information Security is passed to a member of the HR or IT team. This can create conflicts within roles and has the potential to overburden staff.
PECOMi Consulting offer a Virtual Information Security Manager (VISM) service. Along with our outsourced Virtual Data Officer (VDO), we take responsibility for ensuring compliance with information security best practices, maintaining your ISMS, conducting audits, training staff and providing on-call assistance to help with any information security queries you may have.
There are many poorly implemented Information Security Management Systems. Other organisations offer generic services with document templates designed for enterprise-level organisations. For a small or medium-sized business, keeping up with the maintenance as dictated by these templates can create inefficiency and unnecessary management overhead.
PECOMi Consulting will ensure your business has a tailored Information Security Management System aligned to your core business objectives, supporting your responses to RFPs and tenders, improving your underlying security and enhancing the competitive advantage of your business.