Consulting‎ > ‎

Cyber-Security Consulting

With our strong reputation and project experience in IT security, we are willing to assist wherever we can bring expertise.

We provide cost-effective security solutions by understanding specific needs of organizations. The services rendered cover both strategic and technical support with a view to digitally securing your enterprise.


ISO 27001:2013 Implementation

ISO/IEC 27001:2013 Provides requirements for Establishing, Implementing, Maintaining and Continually Improving an Information Security Management System.The adoption of an information security management system is a strategic decision for an organization. The establishment and implementation of an organization’s information security management system is influenced by the organization’s needs and objectives.The standard covers all types of organizations (e.g. commercial , government agencies,non-profits), all sizes (from micro-businesses to huge multinationals), and all industries/ segments (e.g. retail, banking, defense, healthcare, education and government).

The Information Security Management System (ISMS) preserves the Confidentiality,Integrity and Availability of information by applying a Risk Management process and gives confidence to interested parties that Risks are adequately managed.

ISO/IEC 27001:2013 Implementation, Certification from a certification body demonstrates that the security of organization information has been addressed, valuable data and information assets properly controlled.

The ISO/IEC 27001:2013 Certification Process

There are Three Core Phases

Phase I : Before External Audit

1. Implementation of ISMS: Complete of implementation cycle of Information security management system ( ISMS) Including mandatory Requirements and optional Controls

2. Conduct Internal Audit and review result by top management: The organization conduct periodic internal audits to ensure the ISMS incorporates adequate controls which operate effectively and review it by Top Management

3. Selection of a Certification body: Organization select a Certification body to conduct External audit activity and Certified Organization ISMS Program

Phase II : External Audit

4. Stage 1 Audit: Conducted off or on site to determine if your ISMS system has met the requirements of the standard and is capable of being audited.

5. Stage 2 Audit: Conduct on site to audit the effectiveness of the ISMS system. Stage 1 and Stage 2 must be completed to become ISMS certified.

Phase III : Following the audit

6. Confirmation of Registration: Lead Auditor recommend to Certification Manager of Certification Body that Organization are certified. The Certification Manager will review Organization file to ensure that the recommendation has been made in an impartial, fair and competent manner. Upon completion of the above Organization will be officially certified to ISO/IEC 27001:2013 .

7. Continual improvement and Surveillance audits: Conduct Internal Audit Activity by Organization and Certification body auditor will conduct surveillance audit for organization every 6 months or 12 months for next three years after organization achieve ISO/IEC 27001:2013 Certification


Comments