Within the scope of consultancy, studies are carried out for the training of the Information Security management officer, general information security trainings, the creation of the documentation infrastructure, the functioning of the information security management system, and the creation of internal audit structures.
Services to be provided for ISO 27001 Certification are as follows:
- Classification of information assets, categorization, determination of system criticality.
- Evaluation of assets according to confidentiality, integrity and accessibility criteria.
- Presenting a framework for the risk approach.
- Preparation of risk analysis report.
- Rating of risks.
- Establishing the framework for presenting risks to senior management.
- Preparing the risk processing plan according to the risk analysis report evaluations of the senior management.
- Determine the controls to be applied to the risk treatment plan.
- Documentation creation.
- Configure controls.
- internal audit.
- Don’t keep records.
- Management review.
ISO/IEC 27001 Certification fee is calculated by considering specific questions such as your company/organization’s Industry, Location, Number of Employees.
Certification audit, ISO/IEC 27001 Information Security Management System If your system’s compliance with the standard is determined as a result of the certification audit, your organization will be entitled to receive ISO/IEC 27001 Information Security Management System. Following the successful completion of the organization certification audit, it will be recommended by our audit team for certification. After this stage, your document will be prepared and presented to you as soon as possible.
It will be carried out by our company’s audit team in order to determine the conformity of ISO / IEC 27001 Information Security Management System standard and system documents.
These are the audits to be carried out in case of nonconformity(s) that affect the general operation of the system in certification or surveillance audits. Follow-up audits will be carried out by the audit team performing the certification or surveillance audit.
Surveillance audits will be carried out at least once a year in order to check the continuity of your organization’s compliance with the ISO/IEC 27001 Information Security Management System standard.
Certification Validity Period
The document validity period for the certification made according to the ISO/IEC 27001 Information Security Management System standard is 3 (three) years.