ISO/IEC 27001

ISO/IEC 27001 deals with the implementation and operation of an information security management system (ISMS). In this context, it examines whether common aspects of information security have been considered at both the organizational and technical levels. Additionally, it requires an individual risk assessment to be conducted regularly to address specific aspects of information security within a company.

Benefits

  • With successful ISO 27001 certification, you can prove to your customers that you actively protect entrusted information and tasks from potential risks.

  • Development of new business areas that require ISO 27001 certification.

  • Maintaining relationships with customers that only work with certified companies as standard.

  • Great customer confidence in the business relationship.

Technical & organisational measures

  • Creation, communication and integration of guidelines for information security in projects and development.

  • Management of information security incidents and ensuring the maintenance of information security.

  • Segregation of duties, verifiability of activities and safe handling of devices and data carriers outside the business premises.

  • Contractual definition of responsibilities and organisation of regular training courses.

Customized solutions

ISMS for Confluence is a ready-to-use and customizable ISMS solution for Atlassian Confluence®. It includes all the content, templates, and processes required for compliance with ISO/IEC 27001.

Learn more about the ISMS solution here.

Adjustments or corrections are part of a healthy ISMS. Changes that your company undergoes will result in corresponding changes to your ISMS. These could include new projects or products that lead to changes in internal processes and risks for the company. We can assist with planning and implementing these changes, ensuring your management system remains flexible and compliant with the requirements of the standard.

What we can do for you:
• Risk assessments to support a consistent evaluation of risks
• Efficient risk treatment in line with established priorities
• Support in planning effective and cost-efficient measures to mitigate risks
• Consultation, review, and implementation of changes
• Emphasizing the importance of information security to your employees

In the gap analysis, our auditors conduct an assessment of your company’s compliance with standards to estimate the efforts required for implementation. This involves examining the measures specified by the standards in the context of your organization to determine their applicability to the company’s activities and structure. Similar to an internal audit, we work with you to evaluate the extent to which these measures are already met and identify any additional efforts that need to be planned.

What we can do for you:
• Identification of relevant business processes
• Definition of the certification scope
• Review of the current state
• Planning of adjustments
• Estimation of implementation efforts