ISO/IEC 27001 formally specifies an Information Security Management System (ISMS), a suite of activities concerning the management of information risks (called ‘information security risks’ in the standard). The ISMS is an overarching management framework through which the organization identifies, analyzes and addresses its information risks. The ISMS ensures that the security arrangements are fine-tuned to keep pace with changes to the security threats, vulnerabilities and business impacts.
GSNI consultants covers following activities during its ISO 27001 lifecycle consulting services:
- Gap Analysis
- Document Review
- Process Documentation
- Process Implementation
- Internal Compliance Audit
