© 2018 by Maranda Consulting Inc

THE NEED FOR CERTIFICATION

Many companies today are embarking on measures to increase security, particularly given the prolific amount of malware and data theft.  In addition, many also aim to increase reliability, as well as implement best practices to streamline work efforts and standardize their approach to development and services.

 

The ISO 27001 & 27002 are part of a growing family of standards that focuses on information security.The ISO 27001 is the management standard that defines the ISMS (Information Security Management Systems) with distinct responsibilities, objectives, measurements, and reviews.  It outlines how information security must be planned, implemented, monitored, reviewed, and improved.

 

The ISO/IEC  27002 provides a collection, or suite, of best practices of controls for information security, and should be implemented where there are visible and tangible results. 

 

Together, the ISO 27001 & 27002 combine to provide a powerful mechanism that allows companies to organize, measure, and audit their security practices.

A SAMPLE OF OUR PROJECTS

ABSOLUTE SOFTWARE
  • Implementation of ISO 27001 ISMS Framework utilizing the ISO 27002 set of controls
  • Responsible for successful audit to ISO 27001 Standard for 3 consecutive years
TALEMETRY
  • Implementation of ISO 27001 ISMS Framework
  • Selection of ISO 27002 Controls