AlgoSecure accompanies you through the implementation of an ISO 27001 Information Security Management System on a defined perimeter, and through obtaining its certification. Our ISO 27001 certified consultants (Lead Implementer and Lead Auditor) are available to accompany our clients through their certification projects.
ISO 27001, or more precisely ISO/IEC 27001, is the best-known member of the ISO 27000 family of standards. Concretely, this international standard from ISO and IEC sets out strict requirements for Information Security Management Systems (ISMS).
The main feature of ISO/IEC 27001 is that it addresses security through a risk-based approach. In other words, by being ISO 27001 certified, an organization demonstrates that it has identified the security risks that could affect it and its sensitive data, and that it has taken the necessary organizational measures to manage these risks.
ISO 27001 certification starts with the definition of the ISMS according to the needs of the organization, by carrying out a study of the risks that weigh on the sensitive data included in this perimeter. The study is carried out at both the micro and macro levels. It also covers the environment in which the organization operates. After the risks are identified, the ratio between the probability of the event occurring and its impact is determined. This allows for the selection of adequate protective measures, listed in the ISO 27002 standard.
By implementing the ISO 27001 standards (and the other standards of the ISO 27000 family by extension), a company can effectively protect itself from the risks weighing on its sensitive assets such as information relating to its personnel, its financial data or its intellectual property documents.
The project team relies on the following elements:
Phase 2 is the execution of the project plan made in phase 1.
Analysis of present situation
The goal of this phase is to analyze precisely the present situation and understand the risks on the defined perimeter.
Phase 2.2: Establishment of the ISMS
The goal of this phase is to build the ISMS.
Phase 2.3: Monitoring and improvement of the ISMS
The goal of this phase is to carry out the action plan and implement the monitoring and piloting tools.
Phase 2.4: Certification mock audit
The goal of this phase is to build the ISMS.
Phase 2.5: ISO-27001 certification
In addition to our PASSI qualification, we have chosen to obtain ISO 27001 certification for the perimeter of our infrastructure from which we conduct our PASSI audits. On the one hand, this certification allows us to raise our security level even higher, not only from a technical point of view, but also and especially from an organizational and process management point of view. On the other hand, it demonstrates that we apply to ourselves the advice we give to our customers. Obtaining this certification is the result of several months of work, but it is worth the effort to enable us to better protect the sensitive data we may be handling.
Specialists in information security and pentest in Lyon, Paris, Saint-Etienne and throughout France