HALOCK’s Security Program Review is based on ISO 27001 and 27002. It provides a baseline of your current security posture.
Architecting and implementing a robust, mature information security program requires close alignment with business objectives, demonstrated organizational commitment, support from the top down and a consistent approach for implementing, monitoring and improving information security that integrates with the organizational culture.
(A 40 word sentence. My English teacher would be crying right now.)
What’s involved?
- Standards overview and introduction to ISO 27001/27002
- Business overview and Interviews with Sponsors
- Identification of key information assets and business processes
- Interviews with key personnel
- High level review of security controls across all 12 ISO domains
- Review of management sytem processes and procedures
- Provide guidance toward a mature security program
Deliverables coming out of a security program review include:
- Executive summary – Maturity Level Methodology
- Assessment summary
- Priority level methodology
- Summary of findings with recommendations
Nancy Sykora
Sr. Account Executive