
ISO/IEC 27001

We assist companies and organizations in building trust, managing risk, and complying with legal and regulatory requirements through the implementation of an Information Security Management System in accordance with the international standard ISO/IEC 27001.

 

We have more than 20 years of experience helping our clients implement information security management systems based on ISO/IEC 27001.

How We Assist
Our advisory services include, among other things:

  • Assessing the current state of information security and identifying key risks

  • Assisting with the implementation of an Information Security Management System (ISMS)

  • Developing security strategies and policies

  • Preparing organizations for ISO/IEC 27001 certification

  • Conducting internal controls and internal audits

As part of the implementation process, we assist clients in developing and implementing key policies, including for example:

  • Information Security Policy

  • Privacy Policy

  • Access Control Policy

  • Supplier Security Policies

  • Secure Development Policy

  • Backup and Recovery Policy

  • Remote Work Security Policy

We also conduct vulnerability assessments and penetration testing to evaluate the actual security posture of the organization and support continuous improvement.

Privacy and Regulatory Compliance

In parallel with ISO/IEC 27001 implementation, we assist organizations in meeting privacy and data protection requirements under applicable legislation and the GDPR. This includes:

  • Preparation of records of processing activities

  • Data processing agreements with processors

  • Data Protection Impact Assessments (DPIA)

  • Designing information systems using a privacy-by-design approach

CISO as a Service

For organizations that want to strengthen their information security governance without hiring a full-time specialist, we offer CISO-as-a-Service.

This provides management with access to an experienced security professional who supports:

  • Information security strategy

  • Risk management

  • Communication with executives and boards

  • Implementation of standards and regulatory frameworks

Contact Us

Contact us to learn more about how we can help your organization strengthen its information security, meet regulatory requirements, and build trust in its operations.


© 2023 security.is. 
