ISO 27001 Consulting
CyberNX helps organizations implement the ISO 27001 security standard framework and assists them in getting certified. The program is aimed at a practical implementation of standards and practices, rather than merely developing policies and processes.
Important aspects of our approach to ISO 27001 standard implementation:
- Policies and processes: Develop, review & finalize policies and processes required to implement an ISMS practice in the organization. The policy kit will be in line with the group's information security and risk management framework.
- Regulatory Compliance Mapping: Help the organization achieve compliance with the RBI Master Direction for IT - NBFC or SEBI Guidelines, and maintain records as per the compliance requirements.
- Conduct risk assessment: Conduct a risk assessment as per the finalized policies and processes for the in-scope functions. Discuss the risk with relevant teams and create a risk mitigation plan.
- Governance Meets: Conduct quarterly governance meetings as per the information security governance structure, such as Information Security Steering Committee meetings or Board Meetings on Information Security.
- ISMS Internal Audit: Conduct an internal audit against set policies and processes for in-scope functions, and prepare the organization to face an external ISMS audit certification.
- Trainings: Conduct user awareness training at the main locations and ensure that all employees have gone through either classroom or online training on information security awareness.