INFORMATION SECURITY (ISO 27001 )

Identification of the assets and processes related to the Organisation’s/ Enterprise’s information system and its management.
Analysis of the Organisation’s/ Enterprise’s activities, in order of identify, register and prioritise hazards that threaten business information and relevant assets.
Guidance for the selection of the appropriate security measures to minimise risks of potential hazards’ occurrence.
Development of the required documentation (Procedures, Statement of Applicability, Information Security Manual, etc.), taking into account the findings of the risk assessment and the needed compliance to legislation.
Integration of Information Security Management procedures with related Quality Management procedures (if a Quality Management System is implemented).
Assistance to the competent personnel for the establishment of the Information Security Management System and surveillance of its implementation.
Assistance for the formulation of Business Continuity Plans, securing the continuity of the Organisation’s / Enterprise’s operation, if major failures or disasters occur.
Training of personnel on Information Security related issues and on the Management System that has been developed.
Performance of audits and detection of non-conformity points.
Suggestion of corrective actions related to the Information Security Management System and follow-up on their implementation.