ISMS – ISO 27001
Sentor provides a streamlined and effective solution to implement an Information Security Management System (ISMS) according to ISO 27001 in several phases. Since each organization is unique our method adapts well to various organization’s needs and objectives.
The phases reflect the documentation, implementation and execution of the ISMS process and controls. The ISMS process consists of continuous management activities, which regulates and supports applied organizational and technical controls.
Are you already working with ISO 27001?
Whether ISO 27001 is unknown to you or if you have already started your journey Sentor can assist you. We have a skilled team and custom packages so you can get started quickly.
Phases of ISO 27001
1. Getting Started
Together we decide the scope for your organization, you can choose to be certified or achieve compliance to ISO 27001. We define needs, goals, risks, and indicates the direction forward.
2. Management and control
Together we establish a governance model that contains the key elements of ISO 27001 for your organization. Then we implement adequate controls based on the risks your organization faces.
You begin operational planning, implementation, and execution of agreed security controls. Other ongoing activities in the phase include defining KPI’s, internal controls and various forms of security audits.
Sentor can assist throughout the certification process. If there are any problems or questions in the last phase, we can on behalf of the organization clarify this for the certifying actor.