MTI ISO 27001 Consultancy: Overview
When faced with the challenges of managing information security risks, many organisations seek to adopt best practice, and the ISO/IEC 17799:2005 Code of Practice for Information Security Management sets out, in practical terms, how the implementation of an Information Security Management System (ISMS) can enable information risk to be managed to an acceptable level.
This internationally recognised Management Standard, or framework, provides the desired level of security assurance and underpins legal and regulatory obligations for implementing security compliance. It delivers proof that an organisation's control environment is maintained on the basis of continual improvement and designed to defend against the unique, often complex and ever-changing threat and vulnerability scenarios facing your business today.
By adopting a properly defined ISMS you acquire the ability to demonstrate that level of assurance to your customers and business partners. You may choose, or be contractually obliged, to go further and seek formal Certification to ISO/IEC 27001:2005, the specification for Information Security Management, which provides independent, external verification that your chosen security framework, or ISMS, is effective.
Your ISO 27001 Questions Answered
Q1. What are the elements of an effective Information Security Management System (ISMS)?
An effective ISMS has the following characteristics:
- Executive support
- Embedded into the organisational culture
- Risk-driven and proactive
- Aligned to a strategic framework
- Delivers legal and regulatory compliance
- A robust policy environment
- Supported by active training and awareness
- Solid technical controls
Q2. How can MTI help my organisation to achieve ISO27001?
MTI has a proven track record in helping organisations to fully implement and achieve these internationally recognised Standards, both in readiness for formal Certification and in designing pragmatic yet comprehensive Information Security Management Systems that ensure serious exposures to business information are not left unidentified or unknowingly ignored.
The process we use can be briefly outlined as follows:
- MTI determines the current state of your organisation's information security programme in relation to your unique set of circumstances (security risks). We refer to this as your information security 'baseline'
- We then work with you and your key stakeholders to determine what the ideal desired future state of information security at your organisation should be
- This process makes use of compliance (round-table, workshop driven) and substantive (eyes-on) assessment methodologies, globally accepted best practices and years of experience to benchmark your current security program and determine where future investment will deliver the most effective improvements going forward
- MTI then defines a remedial roadmap (or risk treatment plan) that maps the path to the achievement of your organisation's information security objectives
Q3. What will my organisation get out of it?
- An Information Security Assessment (ISA): A documented 'drains up' assessment of your current information security baseline against the contextualised requirements of ISO27001:2005, together with an evaluation of your Information Security Policy documentation.
- An Information Security Standard (ISS/SOA): A comprehensive list of applicable information security control objectives unique to your organisation, prioritised and chosen to reduce your organisation's unique risk profile to an acceptable level. The ISS will serve as your organisation's information security audit standard, which can be evolved into a formal Statement of Applicability (a mandatory output for ISO 27001 Certification) going forward.
- A Strategic Information Assurance Plan (SIAP): A Risk Treatment plan that will close the gap between the current and desired levels of security over a period that may span up to five years, allowing your organisation to budget for and address information assurance projects proactively, as well as measure progress over time.
- A Long Term Strategic Partnership: MTI will partner your organisation in a complementary manner, assist you throughout the implementation and remedial action activities, and aid your transition from reactive, IT-driven information security processes to proactive, risk-driven and business-aligned information assurance appropriate for the delivery of your legal and regulatory compliance obligations.
Next Steps...
If you would like more information regarding ISO 27001 Consultancy please contact the MTI security consultancy team to discuss your requirements. You may also be interested in PCI DSS Compliance.