How well does your organization manage information protection risk? Is there a standardized framework that manages information security compliance? Virtually every industry is facing increased pressure to comply with regulations, reporting requirements, and standards related to the security of corporate information assets. The ISO 27000 series framework is an internationally accepted set of standards focused on comprehensively managing information protection risks. It is designed to be part of an overall IT risk strategy to assist organizations with protecting their data, reputation, and revenues.

ISO 27000 Series Assessment

OpenSky’s ISO 27000 Series Assessment services include a 4-week engagement that provides a high-level review of 11 domain areas: Managing Risk, Security Policy, Governance, Asset Management, Human Resources Security, Physical and Environmental Security, Communications, Access, Incident Management, Business Continuity, and Compliance. At the end of the engagement, a findings and recommendations report is produced along with an ISO 27001 compliance road map.

ISO 27001 Controls Mapping

Our ISO 27001 Controls Mapping service is designed to help clients map their security program and the ISO approach to regulatory and commercial requirements. Our team will work with your IT risk and security team(s) to map the ISO 27001 control objectives to selected regulations or industry standards to identify your compliance status. This service can be a limited 3- to 4-week engagement that includes a findings and recommendations report.