To effectively implement information security, which ensuring that this is effectively implemented, maintained and improved, we recommend the implementation of an Information Security Management System (ISMS). You may choose to take this further, and gain certification to ISO 27001: 2013; all our work is compliant with this standard.
As can be seen from this schematic, we initially gain a detailed understanding of your requirements, including an understanding as to why you wish to implement such a management system; this will help to define the scope for our project and your ISMS.
There will be regular contact throughout the project, and we will regularly update you on progress.
When implementing an ISMS, it is helpful to understand how we will work with you. We have a collaborative approach, focussed on simple, pragmatic and user-friendly processes and documentation. Our involvement will be both on and off-site, thus keeping down costs and maximising value.
We endeavour to ensure that you are confident to take ownership of your management system, although we are equally happy to provide more assistance maintaining your system, particularly for smaller organisations where staffing resources and time may be tight.