One of only a few USA based consulting firms with specialists experienced in leading organizations to ISO/IEC 27001:2005 certification. Our consultants have led original ISO 27001 implementations, performed Trial Audits, conducted Gap Analysis, created Security Improvement Plans and led alignment projects to combine existing certifications. Our pre-certification consulting practice is focused on making sure your organization receives the full benefits of compliance with best practices outlined in the newly released ISO/IEC 27001:2013 while preparing you for certification. Our pre-certification consulting is augmented by a full scope of training services that focus on your individual needs and will customize a training course best suited for your current situation, level of understanding and implementation schedule. For organizations already certified to ISO/IEC 27001:2005, we now offer full consulting support to guide your transition to the new 2013 standard.
Risk Based Security has been recognized by the British Standards Institute, an international registrar for ISO/IEC 27001:2013, as a trusted and vetted consultancy to prepare organizations for compliance and certification. We treat each client engagement as unique and apply an approach guided by data breach analytics and a risk management thought process in order to focus on your organization’s most valued assets. Knowing where to focus our mutual efforts improves effectiveness and is critical in protecting the business areas most important to success. Identifying key systems, processes, business objectives and the most valuable information assets, assures the ISO/IEC 27001:2013 certification engagement will be designed to protect the most critical areas of your business. With cost and schedule always being serious concerns, a risk-based approach is the best method to maximize the return from your investment.
Risk Based Security has demonstrated success in providing comprehensive pre-certification consulting services for preparing organizations for ISO/IEC 27001 certification. Our security and risk management experts have developed a proven methodology for the implementation of an ISO/IEC 27001:2013 Information Security Management System (ISMS).
Risk Based Security provides comprehensive pre-certification support that includes:
- Establishing the Project Team
- Developing the ISMS Scope Document
- Gap Analysis
- Information Asset Identification and Valuation
- Threat & Vulnerability Analysis
- Risk Assessment and Risk Calculations
- Risk Treatment Plans
- Security Improvement Plan
- Documentation Control Procedures
- Statement of Applicability
- Security Awareness Education & Training
- Security Incident Management
- Internal Audit Process
- Management Review
- Corrective and Preventive Action System
If you are planning to seek certification to ISO/IEC 27001:2013 Risk Based Security has the expertise you need for a cost effective and fully certifiable implementation. Please contact[email protected]