Hicks Engineering :: ISO 27001 Compliance Consulting
Solutions for ISO 27001 security compliance
ISO 27001
ISO 27001 is an internationally recognized security standard that lets organizations demonstrate information security competency, from the corporate management level down through day-to-day information security operations.
From the ISO/IEC: ISO/IEC 27001 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

Organizations must show adherence to the requirements contained in clauses 4 to 10 to be compliant with the standard and to gain certification through a third-party registrar audit.

Compliance consulting services for ISO 27001:

  • Assistance with conducting a pre-audit or exploratory assessment
  • Gap analysis
  • Remediation planning to meet the ISO 27001 standard
  • Consulting for updating and/or creating internal security / standard operating procedures
  • Conducting third-party pen testing (penetration testing) and vulnerability scans, with reporting
  • Consulting for continuous monitoring programs
  • Conducting third-party internal audits
  • SDLC review and consulting for compliance
  • Software Quality Assurance review and consulting for compliance

Contact us today. We would be happy to discuss your software compliance needs for ISO 27001.