ISO/IEC 27001:2013 Assessment
ISO/IEC 27001:2013 specifies requirements for maintaining an organization’s information security management system (ISMS). These requirements include the establishment, implementation, monitoring, review, maintenance, and improvement of the information security control structure. This allows an organization to evaluate its security risks in a systematic and predictive manner.
LBMC Information Security’s proprietary approach to ISO/IEC 27001:2013 assessments will provide a comprehensive picture of the IT risks facing your organization, including matrices detailing the likelihood of a risk occurring, the impact to the organization if a particular risk is realized, and a list of controls that have been implemented to address each risk.
ISO/IEC 27001:2013 Readiness Assessment
LBMC Information Security will work with our clients to help prepare them for ISO/IEC 27001:2013 certification. To do this, we will first conduct a workshop-style session, which includes limited technical testing, to identify and validate the technical boundaries of the ISMS. Next, we will review relevant documentation and interview key personnel who perform, administer, or oversee IT operations and security functions for the ISMS. Finally, we will take all the information gathered during these steps and compare the results to the controls specified in ISO/IEC 27001:2013 and associated ISO standards, providing detailed insights that clearly highlight compliance status against the ISO framework for easy reference.