ISO 27001 Information Security Management System

ISO 27001 Information Security Management System
The new ISO 27001:2013 (released in September 2013) allows you to demonstrate to existing and potential customers, suppliers and shareholders the integrity of your data and systems and your commitment to information security. It also allows you to enforce information security and reduce the possible risk of fraud, information loss and disclosure.
The standard is based on 7 major requirements, i.e.
Clause 4: Context of the Organization
Clause 5: Leadership
Clause 6: Planning
Clause 7: Support
Clause 8: Operation
Clause 9: Performance evaluation
Clause 10: Improvement
Incorporating the new revision are improvements to the security controls to deal with current threats, namely identity theft, risks related to mobile devices and other online vulnerabilities. It also allows easier integration with other management systems. (source: www.iso.org)
Benefits
- Improve the management of information security risks
- Enhance the protection of data critical to your business
- Increase confidence in your information and data management
- Minimise cost, time and efforts related to data recovery and maintenance
- Recognition for attaining the international level of information security level
Nexus TAC Training and Consultancy Services
Nexus TAC provides management system training and consultancy services. We offer specialized expertise and extensive practical experience to assist client in developing management systems from the initial concept to establishment and successful implementation of the management systems.
We use the following consultation approach to assist you in achieving certification:
- Identify areas requiring improvement or development within your current Management System
- Prepare a strategic action plan, in conjunction with your company personnel, to address those improvement areas and assist with the communication of these requirements to key personnel at all levels
- Provide system-related trainings for your company personnel to create awareness and provide them with the necessary knowledge and skills in the implementation of systems
- Provide assistance and advice on the development and implementation of systems, including preparation of documentation
- Advise and assist, if required, with the preparation and submission of applications to your certification body
Assist with the development of internal auditing procedures and training
Our customised in-house training services include
- ISO/IEC 27001 Information Security Management System Awareness
- Understanding, documenting and Implementing ISO 27001
- Internal Audit of ISO 27001 Quality Management System