The first step we take prior to an engagement, is to determine a project scope based on the interfaces present. The interfaces include internal departments as well as external connections to the organisation.
The Gap analysis establishes an understanding of the information security policy and management system. This provides a detailed outline of what’s needed for compliance.
Architecture & Design Review
This step examines your system’s current architecture and provides recommendations based on the information gathered.
This step identifies areas of non-compliance that require remediation. We will compare the findings against the ISO 27001 standard while noting areas that may not meet the compliance validation requirements of the organisation.
Remediation & Advisory services
Our remediation services provide the organisation with a list of policy changes for review, the coordinated remediation actions required, and a draft responsibilities matrix.
The internal audit will focus on validating compliance in your organisation by conducting internal audits at planned intervals.