To effectively implement information security, which ensuring that this is effectively implemented, maintained and improved, we recommend the implementation of an Information Security Management System (ISMS).
You may choose to take this further, and gain certification to ISO 27001: 2013; all our work is compliant with this standard.
As can be seen from this schematic, we initially gain a detailed understanding of your requirements, including an understanding as to why you wish to implement such a management system; this will help to define the scope for our project and your ISMS.
There will be regular contact throughout the project, and we will regularly update you on progress.
When implementing an ISMS, it is helpful to understand how we will work with you. We have a collaborative approach, focussed on simple, pragmatic and user-friendly processes and documentation. Our involvement will be both on and off-site, thus keeping down costs and maximising value.
We endeavour to ensure that you are confident to take ownership of your management system, although we are equally happy to provide more assistance maintaining your system, particularly for smaller organisations where staffing resources and time may be tight.
We are happy to answer any questions about Business Continuity, Crisis Management, Information Security, Data Protection and Product Recalls.
How Can Cambridge Risk Solutions Help?
Cambridge Risk Solutions provides a range of services to assist with the implementation of Information Security, and have an experienced ISO 27001 Lead Auditor who can assist with readiness for certification to ISO 27001:2013.
View some case studies of recent Information Security and ISO 27001 projects.