ISO 27001 provides standards for end-to-end security management, helping enterprises identify and protect sensitive information resources. Adhering to ISO 27001’s strict standards helps your brand distinguish itself as a leader in information security best practices, allowing customers to rest easy when they provide sensitive financial, health, or employment information.
Because of the complexity and relative newness of the ISO 27001 standard, ISO 27001 services from an expert partner are essential to preparing for certification. NCA provides a full suite of services and training for aligning your business with ISO 27001, preparing for the rigorous certification process, and maintaining credentials as security continues to evolve.
Our core ISO 27001 services include:
Information Asset Inventory & Identification
The first step in protecting information resources is understanding what’s at stake. NCA helps you evaluate your information systems and discover which assets are most crucial. This provides a top-level overview so you can proceed to further ISO 27001 activities with utmost confidence.
Risk Analysis and Gap Analysis
NCA’s risk analysis service provides penetrating insight into key risk factors threatening your information systems. Once key risks are identified, gap analysis determines where policies and procedures are falling short and provides action steps to mitigate known risks.
Web-Based Security Training
For security strategies to be effective, team members must remain invested in performing to their standards every day. NCA’s security training for key stakeholders combines state-of-the-art training content with a convenient Web-based delivery system for speed and efficiency.
Development of Security Policies and Procedures
In preparation for ISO 27001 certification, ad-hoc policies and procedures must be replaced with recognized best practices. This aligns the enterprise with international security standards and helps address issues identified in the gap analysis or other internal audits.
ISO 27001 focuses heavily on document control, demanding comprehensive document management policies with rigorous documentation and enforcement. NCA brings enterprises up to speed on this complex and comprehensive requirement through new policies, processes, and systems.
Technical Controls and Technical Control Framework
Technical controls – including all cyber-security applications and equipment – must not only be configured and controlled correctly, but also generate clear intelligence for security decision-makers. NCA reviews your practices and develops a complete technical control framework.
Controls automation helps you flag and respond to exceptions within your security framework in real time. This not only protects you from threats as they arise, but reduces the scope of human error and makes it significantly easier to maintain ISO 27001 credentials in the future.
ISO 27001 Pre-Certification
Pre-certification is the gold standard of NCA’s ISO 27001 services, providing you with complete preparation in terms of people, processes, and technology so your enterprise can apply for certification with confidence. We walk you through each step of the ISO 27001 process and execute a thorough pre-certification audit to address any lingering concerns before you begin certification.
NCA’s ISO 27001 Services Minimize Costs and Maximize Performance
Most enterprises do not have the vast resources needed to rapidly transform IT technology strategy in alignment with ISO 27001. If the process is managed internally, it can take years and lead to critical oversights. These prolong and complicate the certification process.
A fast and efficient certification process is the key to maintaining morale and unifying teams behind a vision for best-in-class security. NCA’s ISO 27001 services provide the resources for just such a transition. Our clear, successful processes eliminate ambiguity.
To find out more about ISO 27001 services or learn about our other IT security offerings, call or email NCA today. We look forward to helping you become a beacon of good security practice in your industry.
Network Computing Architects, Inc. is a premier provider of high quality sustainable and secure networking, information security solutions and unified communications. We partner with our clients to provide answers to business initiatives where leading technologies converge.
NCA achieved ISO 27001:2005 certification in December 2007 and is currently ISO 27001:2013 certified. The scope of NCA's ISMS is client confidential information within NCA Professional Services Practice.