Implementation of ISMS

Development of Information Security Management System (ISMS) under the international standard ISO / IEC 27001: 2005.

Stages of works:

  • Survey: identification of the sphere of activity, allocation of critical business processes that will be protected;
  • Development of organization security policy;
  • Determination of the methodology of information security risk assessment and acceptable level of risks;
  • Identification of risks;
  • Risk analysis and assessment;
  • Preparation of a processing plan for each critical risk, allocation of controls;
  • Elaboration of ISMS policies and procedures;
  • ISMS Implementation – implementation of controls (security mechanisms) under the Risk Processing Plan;
  • Preparation for ISMS certification by an independent party.