INFORMATION SECURITY (ISO 27001 )

  • Identification of the assets and processes related to the Organisation’s/ Enterprise’s information system and its management.
  • Analysis of the Organisation’s/ Enterprise’s activities, in order of identify, register and prioritise hazards that threaten business information and relevant assets.
  • Guidance for the selection of the appropriate security measures to minimise risks of potential hazards’ occurrence.
  • Development of the required documentation (Procedures, Statement of Applicability, Information Security Manual, etc.), taking into account the findings of the risk assessment and the needed compliance to legislation.
  • Integration of Information Security Management procedures with related Quality Management procedures (if a Quality Management System is implemented).
  • Assistance to the competent personnel for the establishment of the Information Security Management System and surveillance of its implementation.
  • Assistance for the formulation of Business Continuity Plans, securing the continuity of the Organisation’s / Enterprise’s operation, if major failures or disasters occur.
  • Training of personnel on Information Security related issues and on the Management System that has been developed.
  • Performance of audits and detection of non-conformity points.
  • Suggestion of corrective actions related to the Information Security Management System and follow-up on their implementation.