How do you comply or certify with ISO 27001?
When implementing ISO 27001, organisations must follow the Plan-Do-Check-Act (PDCA) cycle of continual improvement. This requires the completion of a series of activities and the production of a number of specified deliverables that together establish an information security management system (ISMS). Broadly speaking, the ‘Plan’ phase entails assessing risks, the ‘Do’ phase comprises the treatment of risks, the ‘Check’ phase involves the auditing and review of the management system, and the ‘Act’ phase involves implementing improvements together with corrective and preventive actions. The ISMS is the mechanism by which organisations show that they have identified their information security requirements and are operating, monitoring, and maintaining or improving controls to satisfy those requirements.
Since the ISO 27001 Standard was first introduced in 2005, URM has been assisting organisations to develop their ISMSs and prepare for certification. Uniquely, URM provides not only a 100% certification success guarantee but also assurance that any implemented management system will be tailored to, appropriate for and sustainable by the client organisation. One of the reasons behind URM’s reputation as the UK’s leading ISO 27001 consultancy and training organisation is its risk management skills and expertise. As part of these capabilities, URM has developed an in-house risk assessment tool, Abriska, which is regarded as a leader in its class.
