Implementation Roadmap

For consulting on ISO 27001, visit us at www.pivotpointsecurity.com or call 1.888.PIVOTPOINT (888.748.6876)

Address Short-Term Attestation Requirements

Proving that you are secure while you are working towards 27001 Certification is critical to the success of your organization. Where stronger interim attestation is required see Assessment Phase below.

Vulnerability Assessment/Penetration Test of Key Applications/Systems
Provides substantiative evidence that the net security objectives (e.g., ensuring the confidentiality of information) are being achieved.
* Cost Effective
* Well Regarded
* Early Identification of Critical Risks <1 Month

Secure Data Flow Diagram (SDFD)
Provides evidence that key client risks are being mitigated to an acceptable level by reasonable and appropriate security design.
* Integral to Risk Assessment and Scoping
* Facilitates Risk Identification
* Evidence of Secure Design and Substantiative Test is effective attestation

Shared Preliminary 27001 Project Plan
Where key clients have already requested 27001 compliance/certification, communicating a plan & progress towards it is critical to satisfying their requirements.

Certify and Beyond

While there are many significant advantages to implementing 27001, most notably demonstrably reducing risk and simplifying Information Security, for most entities certification is the most important.

Pre-Certification Audit
"Friendly" pre-audit structured in accordance with certification audit (Tabletop Review then Compliance Review).

Certification Audit
Certification Audit conducted by Certification Body resulting in issuance of ISO 27001 Certificate

Surveillance Audit (Year 2)
Mini-audit conducted by the Certification Body to validate ISMS efficacy. ISMS scope extension possible.

Triennial Audit (Every 3rd year)
Re-Certification Audit conducted by Certification Body