IT BASIS CHECK ISO/IEC 27001: INFORMATION SECURITY

IT-Basis Check 27001 - Pfeile im Ziel

Infor­ma­ti­on is an essen­ti­al com­po­nent of suc­cessful busi­ness pro­ces­ses and repres­ents a gre­at value that the company’s manage­ment is respon­si­ble for secu­ring and maintaining.

Site assess­ment and eva­lua­ti­on in accordance with ISO/IEC 27001

In this con­text, the infor­ma­ti­on tech­no­lo­gy infra­struc­tures used to pro­vi­de and pro­cess infor­ma­ti­on con­ti­nue to gain in importance and must meet the requirements.

The inter­na­tio­nal stan­dard ISO/IEC 27001 requi­res a sepa­ra­te pro­cess for infor­ma­ti­on secu­ri­ty and at the same time defi­nes con­cre­te mea­su­res. This Infor­ma­ti­on Secu­ri­ty Manage­ment Sys­tem (ISMS) essen­ti­al­ly cor­re­sponds to a qua­li­ty manage­ment of the secu­ri­ty requi­re­ments of information.

SEC4YOU car­ri­es out a site assess­ment with regard to the requi­re­ments of ISO/IEC 27001, deter­mi­nes the poten­ti­al for impro­ve­ment and pro­vi­des con­cre­te pro­po­sals for solutions.

Audit are­as of ISO/IEC 27001:

  • Gene­ral con­di­ti­ons and secu­ri­ty needs of the company
  • Respon­si­bi­li­ty and com­mit­ment of the com­pa­ny management
  • Deal­ing with risks and opportunities
  • Sup­port, awa­re­ness and com­mu­ni­ca­ti­on of secu­ri­ty objectives
  • Mea­su­re­ment of objec­ti­ves and pro­ce­du­res for improvement
  • Gui­de­lines and struc­tu­re of the safe­ty organization
  • Safe­ty requi­re­ments in human resources
  • Hand­ling infor­ma­ti­on and responsibility
  • Access pro­tec­tion and user management
  • Use of cryp­to­gra­phic measures
  • Phy­si­cal security
  • Ope­ra­tio­nal secu­ri­ty, virus pro­tec­tion, back­up and res­to­re, and monitoring
  • Com­mu­ni­ca­ti­on security
  • Acqui­si­ti­on, deve­lo­p­ment and main­ten­an­ce of systems
  • Secu­ri­ty in deal­ing with suppliers
  • Deal­ing with secu­ri­ty incidents
  • Secu­ri­ty aspects in busi­ness con­ti­nui­ty management
  • Con­for­mi­ty with legal and con­trac­tu­al requirements

As a result, you will recei­ve a writ­ten report that iden­ti­fies exis­ting weak­ne­s­ses and risks and descri­bes spe­ci­fic recom­men­da­ti­ons to miti­ga­te the iden­ti­fied risks for your company.

FACTSHEET

YOUR ADVANTAGES

  • Legal cer­tain­ty through the appli­ca­ti­on of the inter­na­tio­nal­ly reco­gni­zed ISO/IEC 27001, as stan­dards are con­side­red “sta­te of the art” in the event of a dispute.

 

  • Assess­ment of the cur­rent sta­tus by inde­pen­dent experts;

 

  • Know­ledge of poten­ti­al hazards and con­scious con­side­ra­ti­on of risks

 

  • Incre­asing the effec­ti­ve­ness and effi­ci­en­cy of the resour­ces used for security

 

  • Miss­ing secu­ri­ty mea­su­res are iden­ti­fied and can be reme­di­ed in a time­ly manner.

 

  • You iden­ti­fy weak points in your IT befo­re pro­blems occur

Ques­ti­ons about the ISO 27001 Basic Check or ISO 27001 Certification?

Would you like to speak with an expert?