ISO 27001 & ISO 27002 services

An ISO 27001 certification, or an alignment of your organization with ISO 27001/ISO 27002, demonstrates that your organization continuously controls its information security processes and that you ensure the confidentiality, integrity and availability of business-critical information. The ISO 27001 security standard also contributes to the continuous monitoring and improvement of your business processes.

Furthermore, it allows your organization to prove to your clients and other stakeholders (e.g. shareholders) that you have taken sufficient measures in terms of information security and privacy.

Do you wish to obtain your ISO 27001 certification? Do you need to implement all or some of the information security controls defined in ISO 27002? clipeum is the experienced guide to assist you.

We know how to communicate and work with your entire organization in a way that is understandable and tangible for every single staff member. Security, human resources, finance, legal, … Everyone is involved, to ensure that the services we deliver are fully understood and supported by everyone in your organization. In this way, we ensure a durable positive impact in your organization, and we demonstrate that this information security exercise is not a one-time effort. We always aim to find the perfect mix of templates, tools, workshops and training to get your organization ISO 27001 certified or aligned.

In addition, we emphasise that the purpose is not only to obtain the ISO 27001 certification or to align your organization with ISO 27001, but, above all, to put in place the necessary structures to make your company less vulnerable to the many risks linked to the digital era.

OUR SERVICE OFFERING INCLUDES (AMONGST OTHERS):

  • Creating a roadmap and guiding your company through the ISO 27001 certification project or ISO 27001 alignment project (from the project plan, through a security scan and the setup of a risk register, to implementing the ISO 27001 requirements and ISO 27002 controls and following up on the defined action plans), taking into account the supporting ISO27K standards such as ISO 27017 and ISO 27018.
  • Developing new policies and best practices, or optimizing existing ones, for ISO 27001 and ISO 27002 compliance.
  • Performing a pre-audit on the self-assessment performed at your organization in view of a planned ISO 27001 certification audit, to make sure that you comply with all requirements and that you can pass the certification audit with confidence.
  • Setting up the required internal audit programme and, if required, assisting with the execution of the internal audits (prior to the ISO 27001 certification and/or in the period after the certification is achieved).
  • Guiding your company and, where appropriate, providing support during the different stages of the actual ISO 27001 certification audit by a recognised certification body.
  • Guiding and supporting your company in the follow-up of the identified non-conformities after obtaining the ISO 27001 certificate, in view of the annual follow-up audit and the triennial re-certification audit.
  • Guiding and supporting your company towards compliance with the NIS[1] directive, using ISO 27001, ISO 22301 and ISO 27035 as reference standards.

INTERESTED?

Would you like to give information security the necessary priority within your organization? Would you also like to protect your organization against the risks of the digital era, such as data breaches and hacks? Would you like to implement the defined measures in a structured way and (optionally) have this confirmed by an ISO 27001 certification? Then we are happy to pay you a visit. Contact us without any obligation by sending an email to frederik.vervoort@clipeum.be or give us a call at +32 473 91 05 80 for more information.

[1] The NIS directive requires operators of essential services (OES) and digital service providers (DSPs) established in the EU to implement technical and organizational measures to manage the risks that threaten the security of their network and information systems. This directive was transposed into Belgian legislation in March 2019.