HSC
Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Services > ISO 27001 status overview
Go to: HSC Trainings
Télécharger le catalogue des formations
Search:  
Version française
   Services   
o Skills & Expertise
o Consulting
o ISO 27001 services
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o ARJEL
o Training courses
o E-learning
   Conferences   
o Agenda
o Past events
o Tutorials
   Resources   
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
   Company   
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
 communication
 
 
o HSC Newsletter
o Bulletin juridique HSC
o Press review
   Contacts   
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|ISO 27001 status overview  
blah Services
See also...
o Guidance service for ISO 27001 implementation
o ISO 27001 certification audit training
o General presentation of our ISO 27001 services
o HSC ethical and deontological guidelines

Objective of the service

To evaluate the current situation of the security practices in your company in the objective of assessing the remaining work that would be needed in order to implement the ISO 27001 standard.

In which cases to select this service

You wish to implement the ISO 27001 standard, but you previously want to accurately know:

  • Which are the security processes that actually already conform to the standard
  • Which are the ones that require to be led to conformity
  • Which are the ones that are needed to be created from scratch

Results of the service

We deliver you a report that accurately describes:

  • The processes requiring an adjustment, with the list of the tasks needed to make those processes conform to the standard
  • The missing processes, still made necessary by the standard.
Furthermore, the report presents a strategy for implementing ISO 27001 by taking into consideration your background and your requirements.

Detailled description

This service generally takes place in five completary stages:

  • Stage 1: Launching meeting
  • Stage 2: Interviews
  • Stage 3: Disclosure of the documentation
  • Stage 4: Report writing
  • Stage 5: Presentation of the results

Stage 1: Launching meeting

This meeting is intended to narrow the service and to present the approach selected by the consultants. The following items are planned:

  • Confirmation of the objective of the service
  • Presentation by the consultants of the key steps for implementing an ISMS that complies with ISO 27001
  • Presentation of the HSC approach
  • Presentation by the customer of his own background: activities, organisation objectives, ressources, constraints, etc.)
  • Election of the persons that will be interviewed
  • Planning of the interviews

Stage 2: Interviews

The HSC consultants meet the various persons in charge of the key services of the organisation. The goal of these interviews is not to audit the processes, but to evaluate their current conformity to the ISO 27001 standard. The following items are often planned:

  • Inventory of the key processes
  • Security of these processes
  • Existence and quality of the relevant documentation
  • Existence and quality of the follow-up of corrective actions
  • Etc.

Stage 3: Disclosure of the documentation

The HSC consultants will familiarize themselves with the relevant documentation:

  • General policy documents (security policy, user terms and conditions, etc)
  • Specific policy documents (password policy, remote access policy, etc)
  • Procedures
  • Etc.

Stage 4: Report writing

The consultants write a report taking into consideration every previously acquired element.

Stage 5: Presentation of the results

This presentation takes the form of a meeting during which the following tasks are performed with the customer:

  • Summarized reminder of the key conclusions of the report
  • Presentation of roadmap to ISO 27001 compliance
  • Open discussion regarding ISO 27001
Last modified on 5 February 2009 at 15:49:49 CET - webmaster@hsc.fr
Mentions légales - Information on this server - © 1989-2013 Hervé Schauer Consultants