DISC has implemented ISO 27001 for several organizations to help them achieve certification, including but not limited to Fortune 500 organizations.
DISC performs a security review (an ISO 27k gap assessment) to identify and analyze risks and weaknesses in the security posture of your organization; due diligence is achieved by virtue of ISO compliance. The gap assessment is performed using the international standards ISO 27002:2013 (Code of Practice) and ISO 27001:2013 (ISMS Specification), together with the company security policy. Its purpose is to evaluate the information security posture of your organization. The level of compliance indicates how close your organization is to meeting the key objectives for each of the 114 controls defined within 14 security control clauses, which collectively contain a total of 35 main security categories, plus four introductory clauses: introduction, scope, normative references, and terms and definitions.
Benefits of the ISO 27k framework:
• The framework addresses security issues for the whole organization
• Addresses compliance with various regulations (such as SOX, HIPAA, and PCI)
• Reduces the total cost of security by decreasing the total number of controls
• Creates the perception that your business is serious about security
• Enhances the confidence of partners and vendors
• A future deciding factor for international partners
• An internationally recognized standard
Download ISO27000 family of information security standards today!
• ISO 27001:2013 ISMS Requirement
• ISO 27002:2013 Code of Practice for ISM
CMMI to ISO 27002
| Rating | CMMI level | ISO 27002 level |
|---|---|---|
| 0 | Non-existent | Complete lack of recognizable control |
| 1 | Initial | There is evidence that a security issue exists and needs to be addressed; however, no control exists to tackle the issue |
| 2 | Repeatable | Security control is still in development, with limited documentation |
| 3 | Defined | Security control has been documented and communicated through training, but it is left to the individual to follow the control |
| 4 | Managed | It is possible to monitor and measure security control compliance, but management of the control is not fully automated |
| 5 | Optimized | Security control has been refined to the level of the ISO code of practice, based on the results of continuous improvement |