ISO 27001 Risk Assessment and Gap Assessment
DISC's ISO 27001 2013 assessment is performed to measure conformance with ISO 27001 2013 requirement and ISO 27002 controls
- ISO 27001 2013 requirements
- ISO 27002 2013 controls, categories and domains
- Compliance report by ISO 27001 requirements
- Compliance report by control ISO 27002 2013
- Compliance report by category ISO 27002 2013
- Compliance report by domain ISO 27002 2013
DISC gap assessment includes three or six level rating (CMMI) matrix of your choice for each control, category and domain.
Start your ISMS project with ISO27001 2013 Documentation Toolkit
ISO/IEC 27001 2005 to 2013 Gap Analysis Tool (Download)
Download ISO27000 family of information security standards today!
• ISO27001 2013 ISMS Requirement (Download now)
• ISO27002 2013 Code of Practice for ISM (Download now)
Capability Maturity Model Integration (CMMI) to ISO 27002
| Rating | CMM level | ISO 27002 level | |
| 0 | Non existent | Complete lack of recognizable control | |
| 1 | Initial | There is an evidence that security issue exist and needs to be addressed, however no control exist to tackle the issue | |
| 2 | Repeatable | Security control is still in development with limited documentation | |
| 3 | Defined | Security control has been documented and communicated through training, but it is left to individual to follow control | |
| 4 | Managed | It is possible to monitor and measure security control compliance but management of the control is not fully automated | |
| 5 | Optimized | Security control has been refined to a level of ISO code of practice, based on result of continuous improvement |
Checkout our latest
blog post on ISO 27k
ISO27001:2013 high level review for making the transition from ISO27001:2005
Latest ISO 27001 titles at DISC InfoSec Store | eBay | IT Governance
Print 