Support for the ISO 27001 standard
AlgoSecure accompanies you through the implementation of an Information Security Management ISO 27001 on a defined perimeter, and the obtention of its certification Our consultants certified ISO 27001 (Lead Implementer and Lead Auditor) are available to accompany our clients through their certification projects.
The project team relies on the following elements :
- the project leader from AlgoSecure (senior consultant)
- AlgoSecure consultants (certified ISO 27001)
- the manager of the client's project
- the actors of the concerned perimeter on the client's side
The goal of this phase is to assess the maturity level and feasibility of the project.
- Interview with the main actors of the company: General Direction, CFO, CIO...
- Defining the IMS perimeter
- Situational analysis
- Establishing and presentation of a project plan (length, expenses, deadlines, budget)
Phase 2 is the execution of the project plan made in phase 1.
Analysis of present situation
The goal of this phase is to analyze precisely the present situation and apprehend the risks on the defined perimeter.- Detailled study of context: needs, constraints, goals
- Study of the current security measures and vulnerabilites
- Risk analysis
Phase 2.2: Establishment of the IMS
The goal of this phase is to build the IMS.- Defining the organisation and the resources
- Choices regarding risk treatment
- Choice of risk reduction measures and declaration of applicability
- Definition of an action plan related to the implementation of measures
- Defining the IMS management procedures of IMS
- Choosing and defining the indicators
- Implementation of the IMS management
- Establishing the security policy of information systems
Phase 2.3: Monitoring and improvement of the IMS
The goal of this phase is to carry on the action plan and implement the monitoring and piloting tools.- Training and staff security awareness
- Monitoring of the tasks progress
- Internal audits
- Management review
- Support to choose a certification organization
Phase 2.4: Certification mock audit
The goal of this phase is to build the IMS.- The goal of this phase is to optimize the odds to get successfully certified.
- Mock audit
- Treatment proposal for the identified divergences
- Informing the steering committee about the assessment
Phase 2.5: ISO-27001 certification
- Arrangements with the certification organization
- Support through the audit
- Answers to the possible non-compliance points
The goal is to retain the certification
- Risk analysis update
- Policy and procedures review
- Deployment of the yearly action plan
- Training
- Internal audit
What advantages do you derive from ISO 27001?
- Guarantee of a controlled security
- Control over the company security and optimization of the security budgets
- Conformity to the legal requirements
- Increase in your market shares
- Improved attractiveness of your company
We are ISO 27001:2013 certified!
In addition to our PASSI qualification, we have chosen to obtain ISO 27001 certification for the perimeter of our infrastructure from which we conduct our PASSI audits. On the one hand, this certification allows us to raise our security level even higher, not only from a technical point of view, but also and especially from an organizational and process management point of view. On the other hand, it demonstrates that we apply to ourselves the advice we give to our customers. Obtaining this certification is the result of several months of work, but it is worth the effort to enable us to better protect the sensitive data we may be handling.
Specialists in information security in Lyon, Paris, Saint-Etienne and throughout France
You've enabled "Do Not Track" in your browser, we respect that choice and don't track your visit on our website.