What is this service?
An "Information Security Management System", or ISMS for short, is that part of the overall management system, based on a business risk approach, that is meant to establish, implement, operate, monitor, review, maintain and improve information security. The management system includes organizational structure, policies, planning activities, responsibilities, practices, procedures and resources. With the help of certified implementers and consultants, Paramount can help organizations design and build an ISMS that can be used effectively to manage and improve an organization's information security.
Why is this service required?
With the integration of information security into the organizational structure, organized, process-based management of information security has become essential. The design and building of the ISMS are two important steps in the PDCA (plan, do, check and act) cycle adopted by British Standard Institute in managing the management system. Designing and building an ISMS according to the ISO 27001:2005 standard is no easy endeavour. The building process involves conforming to 133 controls spanning 11 domains of information security. A properly designed ISMS can help you manage your information security effectively, along with continuous improvement in your information security posture.
Pre-requisites from the client
- Clear mandate from management and availability of a dedicated person
- List of assets to be covered and organizational structure
Customer Benefits
- Compliance with the ISO 27001:2005 standard
- Manageable information security practices and documented processes
Service Delivery Process
Paramount follows the PDCA life cycle, a structured approach, while designing and building the ISMS. This approach helps the organization understand the ISMS completely, making it manageable by internal resources while also conforming to the ISO 27001:2005 standard. The high-level breakdown of the entire process is given below.
Scope and Plan
- Identification of the ISMS scope, and planning, resourcing and scheduling of tasks
Gap Assessment
- Gathering of information and review of existing security controls
Deliverables
- ISMS Scope Document
- Gap Assessment Report
- Asset Valuation
- Vulnerability Assessment Report
- Risk Assessment Methodology
- Risk Assessment Report and Mitigation Plan
- Security Policies and Procedures
- ISMS Manual
- Statement of Applicability and Awareness training materials
- Pre-Certification Audit Report