Compliance - ISO 27000

The ISO/IEC 27001 standard provides a systematic approach to information security management and enhances the reputation of a company or organization.

The standard defines the areas that affect information security:

  • Security policy
  • Organization of information security
  • Asset management
  • Security of human resources
  • Physical and environmental security
  • Systems and network management
  • Access control
  • Business continuity management
  • Purchase, development, and maintenance of IT systems
  • Information security incident management
  • Compliance with legal requirements and own standards


Cyber Security Risk Assessment

The cyber security risk assessment is performed with:

  • Risk analysis methodology
  • Identification of major items (organization, systems, subsystems, networks)
  • Identification and evaluation of the threat scenarios with their impact and likelihood
  • Designing adequate countermeasures
  • Risk Register

Documents and standards used for cybersecurity risk assessment:

  • IEC 62443 - Industrial communication networks - IT security for networks and systems
  • IEC 17799 - Information technology, Information security management
  • IEC 61511 (All parts) - Safety instrumented systems for the process industry sector
  • RFC 1918 - Address Allocation for Private Internets
  • AGA Report No. 12 - Cryptographic Protection of SCADA Communications

