ISO27001 THE INFORMATION SECURTIY MANAGEMENT STANDARD

Corporate data is very rarely recorded as an asset on the balance sheet, but where would your company be without it.

If all e-mails, databases, corporate research and development, contact lists, and their systems were lost, do you know how to stay competitive? What are the legal consequences?.

Aston Information Security specialises in working with its clients in developing and implementing effective and practical policies, procedures and working arrangements to manage your information security which is so fundamental to the effective governance of your organisation. We draw on the experience and expertise of our penetration testing division to offer a complete information security solution.

Using standards for information security management such as ISO 27001/BS7799, the International Information Security Management standard, and the Standard for Good Practice for Information Security, produced by the Information Security Forum as a benchmarks, we consider all aspects of your physical and network security - including personnel, systems access control, systems development and maintenance. The audits also include current legislation and compliance issues e.g. Data Protection, Computer Misuse, Payment Card Industry.

Working with you to gain an understanding of your current position and the scope of the project, we then develop a gap analysis, supplemented by recommendations for where and how security could be improved and an action plan for achieving these improvements. If appropriate, we also provide an implementation plan to take your organisation through the process of compliance and accreditation and will guide you through or manage the whole process depending on your resourcing capabilities and requirements