HSC - Services - ISO 27001 status overview

Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet

You are here: Home > Services > ISO 27001 status overview

Go to: HSC Trainings

Services

			Skills & Expertise
			Consulting
			ISO 27001 services
			Audit & Assessment
			Penetration tests
			Vunerability assessment (TSAR)
			Forensics
			ARJEL
			Training courses
			E-learning

Conferences

			Agenda
			Past events
			Tutorials

Resources

			Thematic index
			Tips
			Lectures
			Courses
			Articles
			Tools (download)
			Vulnerability watch

Company

			Hervé Schauer
			Team
			Job opportunities
			Credentials
			History
			Partnerships
			Associations

Press and
communication

			HSC Newsletter
			Press review
			Press releases
			Publications

Contacts

			How to reach us
			Specific inquiries
			Directions to our office
			Hotels near our office


		ISO 27001 status overview


	See also... Guidance service for ISO 27001 implementation ISO 27001 certification audit training General presentation of our ISO 27001 services HSC ethical and deontological guidelines

Objective of the service

To evaluate the current situation of the security practices in your company in the objective of assessing the remaining work that would be needed in order to implement the ISO 27001 standard.

In which cases to select this service

You wish to implement the ISO 27001 standard, but you previously want to accurately know:

Which are the security processes that actually already conform to the standard
Which are the ones that require to be led to conformity
Which are the ones that are needed to be created from scratch

Results of the service

We deliver you a report that accurately describes:

The processes requiring an adjustment, with the list of the tasks needed to make those processes conform to the standard
The missing processes, still made necessary by the standard.

Furthermore, the report presents a strategy for implementing ISO 27001 by taking into consideration your background and your requirements.

Detailled description

This service generally takes place in five completary stages:

Stage 1: Launching meeting
Stage 2: Interviews
Stage 3: Disclosure of the documentation
Stage 4: Report writing
Stage 5: Presentation of the results

Stage 1: Launching meeting

This meeting is intended to narrow the service and to present the approach selected by the consultants. The following items are planned:

Confirmation of the objective of the service
Presentation by the consultants of the key steps for implementing an ISMS that complies with ISO 27001
Presentation of the HSC approach
Presentation by the customer of his own background: activities, organisation objectives, ressources, constraints, etc.)
Election of the persons that will be interviewed
Planning of the interviews

Stage 2: Interviews

The HSC consultants meet the various persons in charge of the key services of the organisation. The goal of these interviews is not to audit the processes, but to evaluate their current conformity to the ISO 27001 standard. The following items are often planned:

Inventory of the key processes
Security of these processes
Existence and quality of the relevant documentation
Existence and quality of the follow-up of corrective actions
Etc.

Stage 3: Disclosure of the documentation

The HSC consultants will familiarize themselves with the relevant documentation:

General policy documents (security policy, user terms and conditions, etc)
Specific policy documents (password policy, remote access policy, etc)
Procedures
Etc.

Stage 4: Report writing

The consultants write a report taking into consideration every previously acquired element.

Stage 5: Presentation of the results

This presentation takes the form of a meeting during which the following tasks are performed with the customer:

Summarized reminder of the key conclusions of the report
Presentation of roadmap to ISO 27001 compliance
Open discussion regarding ISO 27001