How to Manage your ISMS

Implementation of your ISMS to conform to the ISO 27001 standard is not an easy task unless you have a system framework of documented information. 

About

27K1 Information security management system

How do you manage your ISO 27001 system? We can provide you with a on premise or if you prefer a cloud secure storage for your ISMS

 

What is the software for?

 

The 27k1 Information security management system has been designed and developed in accordance with the ISO 27001 standard by Information Security professionals

How does the software help?

 

The system will manage all aspects  which are required to be in place to comply with the ISO 27001 standard. Each module is designed to give assurance of each of the Clauses 4 to10

The Solution to managing ISMS

Donec rutrum congue leo eget malesuada. Sed porttitor lectus nibh. Donec sollicitudin molestie malesuada. Cras ultricies ligula sed magna dictum porta. Curabitur aliquet quam id dui posuere blandit. Donec sollicitudin molestie malesuada. Vestibulum ac diam sit amet quam vehicula.

How to do a Gap analysis for ISO 27001

 

The Gap Manager module is designed for Implementers to assess and allocate each security control efficiently and effectively.

The results of the Gap Analysis are reported and shown against the selected controls during the risk treatment process, which is managed from the Risk Manager module.

As standard, the 27k1 ISMS system provides a complete set of Controls and Clauses including the Annex A Controls. The Gap Analysis Reports also include Actions, Progress and Summary Reports so that the business can review its efforts to reduce risk to its Information Security.

 

The gap analysis asks questions like:

What is your scope of coverage for your ISMS this is important as you should make sure that the information that flows around your organisation is secured. So how many staff and in what locations

 

Asset Manager

All Information Security assets are managed within the Asset Manager module. Each asset type has a particular set of fields within the system, allowing it to be managed according to the ISO 27001 standard. For companies that do not have an asset register, the 27k1 system fulfils this function. Moreover, the same applies to companies that do not have an HR Register, since Personnel are also regarded as assets within the ISO 27001 standard.

 

Document Manager

All Information Security documents are listed and tracked in the Document Manager. The 27k1 system provides by default, document titles which are acceptable for most ISMS’s, whilst additional documents can be added as required.

The 27k1 ISMS does not deploy an integrated document management system. Instead, the Document Manager system has been designed to “point” to the actual document using a URL that is inserted into an associated field. In this way, a company can make use of its present document management system, such as SharePoint, Egnyte, Drop Box, Office 365 or other solution, saving cost and time, whilst enabling document revision from personnel that have access permission.

 

The Control Manager

Manage all the Annex A Controls and track the status of each control in readiness for automatically producing a Statement of Applicability. In the Control Manager you also can assign suggested documents to each Control and manage the Actions that you have assigned to the associated Control.

The Statement of Applicability can be created within the Control Manager at any time, then issued when all the Controls are in place. This means that you can keep track of the Statement of Applicability and directly associate a specific SoA with the ISO 27001 Certification Scope.

 

 

Risk Manager

The Risk Manager has been developed to provide a fully comprehensive and highly flexible asset and business scenario valuation, assessment and treatment solution.

In addition to the risk and vulnerability assessment of assets, the system allows you to consider business risk scenarios as well. In the Getting Started module, you can set up the system to suggest multiple threats to assets and their vulnerabilities.

 

 

Managing and tracking risks

The Risk Treatment process leads to Risk Treatment projects that require actions according to the level of risk. These may include Accept, Treat, Transfer or Avoid.

Once the risk has been assessed and managed, the system allows further management and treatment of any residual risks before accepting and assigning responsibility for these actions. In this way, the 27k1 ISMS provides a total audit trail and full reporting for the tracking, management and mitigation of Information Security risks.

 

Conformance Manager

Audits and security breaches may identify nonconformances, where corrective actions are required. The Conformance Manager allows the user to identify nonconformances, treat them with corrective actions and then track the corrective action process until conformance is achieved.

 

Reports

The 27k1 ISMS delivers a full set of automatically generated reports, including the Statement of Applicability, that will enable the business to achieve compliance to the ISO 27001 standard.

Click Here

About

How It Works

All your ISO 27001 ISMS data is stored on your Azure SQL Database and your preferred Cloud providers. SQL Server database can also be used if the ISMS data is to be kept within your company. For even greater confidentiality select our “on-premises” version.

Jane Doe

Curabitur arcu erat, accumsan id imperdiet et, porttitor at sem. Cras ultricies ligula sed magna dictum porta. Donec sollicitudin molestie malesuada. Vivamus suscipit tortor eget felis porttitor volutpat. Pellentesque in ipsum id orci porta dapibus. Vivamus suscipit tortor eget felis porttitor volutpat. Proin eget tortor risus. Nulla quis lorem ut libero malesuada feugiat. Vestibulum ac diam sit amet quam vehicula elementum sed sit amet dui.

Jeff Dawson

Curabitur arcu erat, accumsan id imperdiet et, porttitor at sem. Cras ultricies ligula sed magna dictum porta. Donec sollicitudin molestie malesuada. Vivamus suscipit tortor eget felis porttitor volutpat. Pellentesque in ipsum id orci porta dapibus. Vivamus suscipit tortor eget felis porttitor volutpat. Proin eget tortor risus. Nulla quis lorem ut libero malesuada feugiat. Vestibulum ac diam sit amet quam vehicula elementum sed sit amet dui.

Contact Us

01514265216

Liverpool UK

Monday-Friday: 8am – 5pm

Get Started

Mauris blandit aliquet elit, eget tincidunt nibh pulvinar a. Vestibulum ante ipsum p