Security Compliance Framework

How well does your organization manage information protection risk? Is there a standardized framework that manages information security compliance? Virtually every industry is facing increased pressure to comply with regulations, reporting requirements, and standards related to the security of corporate information assets. The ISO 27000 series framework is an internationally accepted set of standards focused on completely managing information protection risks. It is designed to be part of an overall IT risk strategy to assist organizations with protecting their data, reputation and revenues.

ISO 27000 Series Assessment
OpenSky’s ISO 27000 Series Assessment services include a 4-week engagement that provides a high-level review of 11 domain areas including: Managing Risk, Security Policy, Governance, Asset Management, Human Resources Security, Physical and Environmental Security, Communications, Access, Incident Management, Business Continuity and Compliance. At the end of the engagement, a findings and recommendations report is produced, along with an ISO 27001 compliance roadmap.

ISO 27001 Controls Mapping
Our ISO 27001 Controls Mapping service is designed to help clients map their security program and the ISO approach to regulatory and commercial requirements. Our team will work with your IT risk and security team to map the ISO 27001 control objectives to selected regulations or industry standards to identify your compliance status. This service can be a limited 3-4 week engagement including a findings and recommendations report.