ISO/IEC 27001 ISMS Implementation

Protect your information assets & stay compliant with regulations!

Implementing & managing an effective information security program such as an ISO 27001 ISMS will protect your organisation against emerging global threats and ensure that you are compliant with relevant regulations such as POPI, GDPR etc.

Start your information security & compliance program with us today!





Overview

What is ISO/IEC 27001 ISMS?

The ISO 27001 Information Security Management Systems (ISMS) standard ensures that your organisation keeps information assets safe and secure by addressing the confidentiality, integrity and availability of critical and valuable information processed and stored by your organisation.

Organisations that obtain ISO/IEC 27001 certification validate that the security of financial information, intellectual property, employee details, assets or information entrusted by third parties is being successfully managed and continually improved according to best practice approaches and frameworks.


All You Need Is Here

Our ISO/IEC 27001 ISMS Implementation Approach

Every function you need, in a single place


Naveg follows an integrated, holistic & systematic approach to ISO/IEC 27001 implementation. Our approach covers various facets of the business (People, Process, Technology). We keep in mind the context of the organisation, and ensure the ISMS meets the business & security objectives optimally.

We ensure the information security program implementation is aligned with and embedded in existing business processes; where necessary, however, changes will be made.

Our implementation approach follows the Plan-Do-Check-Act approach.

Our solution is aligned to best practice.


ISO 27000 series

Comprehensive standard providing best practices associated with information security

CIS – Critical Security Controls

Comprised of a concise list of 20 controls and sub-controls for actionable cyber defence

COBIT 2019

An integrated framework that allows you to govern & manage IT holistically, incorporating security controls

NIST SP800-53

Defines Security and Privacy Controls for Information Systems and Organizations

Background

How can we assist you to become ISO 27001 certified?

Naveg provides ISO/IEC 27001 Consultancy services for implementing and reviewing an Information Security Management System (ISMS).

 


Project Planning & Organization Context

Firstly, a detailed project plan, charter, and reporting processes will be developed, with defined roles & responsibilities. In addition, we will develop a comprehensive understanding of your organization, business, and existing IT security operations to lay the groundwork for the program development.


Risk Assessment

Firstly, a risk management methodology is defined. We will gain a detailed understanding of your information assets and the impact of any loss of confidentiality, integrity, and availability of these assets should an incident occur. We will thoroughly identify, analyse, and evaluate risk to produce & communicate a risk report & response plan.


Design and Documentation

We will develop and establish an appropriate information security governance program that is mindful of the many layers of stakeholders involved in your organization’s security. We will also develop the appropriate policies, procedures, and internal reviews required to maintain your new compliance-ready security posture.



Training & Implementation Support

We will bridge the gap between your new security controls and their day-to-day deployment by training, educating, and offering hands-on implementation support to your biggest source of security risks: your people, including end users, IT users, and senior management.



Internal Audit & Certification

Before submitting your organization for audit, our independent auditors will perform a comprehensive pre-certification audit to ensure you will not experience any surprises when you seek official certification.

We will take any necessary final actions to ensure you achieve and maintain your ISO 27001:2013 compliance.


More info

Request a free consultant for your company to suggest the best approach for your ISO 27001 compliance.