create value for improving information technology abilities of the enterprise

under the guidance of user demand,provide the best service to customers
ISO 27000 Consultation
Suzhou Metalogic Information Technology Co.,Ltd   2018-09-26 11:15:33 Author:SystemMaster

ISO 27000 Information Security Management System Implementation and Certification

ISO 27000 System Framework Plan


On the basis of current situation research and Gap assessment, comprehensive consideration is given to the ISO 27001:2013 standard and regulatory requirements. If necessary, reference Cobit/ITIL as a supplement to assist enterprises in formulating improvement plans and designing standardized and extensible system frameworks. Assist enterprises to set up effective, efficient and smooth management system.


-The programme includes: current gaps, improvement goals, implementation steps, and results. The contents of the improvement and risk disposal measures that need to be implemented are classified and merged to extract a list of related implementation tasks. Forming the overall change time plan, resource implementation and other information;
-Through training or communication, the specific working group of the Software Centre will be able to clarify the content and requirements of the work, and to understand the ISO 27001 standard, relevant laws and regulations, and management norms and technical standards followed in the work process. To carry out a comprehensive analysis of the importance, urgency, enforceability, and expected results of the tasks to be implemented, and to formulate an overall work plan.
Form the implementation project plan. The project plan includes the explanation of related tasks and steps, and defines the responsible person of Party A for each project.
According to the improved project plan, the overall document structure of the management system after the completion of the preliminary description, shows the interface of multi-system integration, and assists the enterprise to establish a unified and complete information management system.
IT risk assessment consultation.

ISO 27001:2013