ISO 27001 Implementation

Expand all

Overview

ISO 27001 is the internationally recognized Standard for Information Security and Risk Management, designed to provide organizations with a comprehensive framework and best practice guidance towards implementing an Information Security Management System (ISMS).  The Standard itself is supported by the certification ISO 27001 framework against which organizations can be currently certified subject to an audit by a suitably authorized body.

Information, as one of the most valuable assets of an organization, needs protection. An Information Security Management System will help protect information in a structured and effective manner.  Beyond these benefits, ISO 27001 certification is nowadays often part of the minimum requirements demanded by larger scale projects.

Odyssey’s ISO 27001 Consulting services provide assistance and support to organizations looking to achieve the ISO Certification. The ISO 27001 Certification process includes:

  • Preparing and reviewing your ISMS plan and scope.
  • Performing Business Impact Analysis, Threat & Vulnerability Assessment, Risk Assessment and Gap Analysis.
  • Controls selection and implementation process management.
  • Preparing the Statement of Applicability.
  • Helping the customer prepare for Re-certifications.

Odyssey is part of the ISO 27001 Associated Consultants Network.  This means that we have trained and experienced resources who are able to demonstrate the necessary skills, focus and credentials in relation to the implementation of ISO 27001-compliant Information Security Management Systems. In this respect, we are strategically positioned to provide you with the required services and skills should you decide to embark on a standard alignment or certification project.

Key Benefits

  • Achievement of ISO 27001 certification.
  • Information Security Awareness for all staff.
  • Branding and competitive advantage differentiation.
  • Risk reduction and stronger control culture as a result of the rigorous implementation process and the necessity of implementing the required procedural controls and supporting technologies.
  • Possible reduction in business recovery insurance premiums.
  • Demonstrable due process and regulatory compliance.
  • More efficient processes and governance.