ISO 27001:2013

Information Security Management Systems

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organisation. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organisation. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organisations, regardless of type, size or nature.

Internal Audits

We can carry out audits on your behalf or provide you with the training and tools for your staff to successfully carry out these audits themselves.

External Audits

We can support you through the audit process to achieve accreditation and implement continuous improvement to maintain the standard.

ISMS

We will help you produce a tailor-made ISMS, a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process.

Security

Accreditation will help small, medium and large businesses in any sector keep information assets secure.

Risk Management

We will help you identify risks and put controls in place to manage or reduce them.

Flexibility

The standard allows you to adapt controls to all or selected areas of your business depending on your needs.

Trust data is protected

Some organisations choose to implement the standard in order to benefit from the best practice it contains while others decide they also want to get certified to reassure customers and stakeholders that its recommendations have been followed.

New Business Opportunities

By demonstrating compliance, your business can gain status as a preferred supplier. It will also enable you to meet more tender expectations.

Certification to ISO/IEC 27001

Like other ISO management system standards, certification to ISO/IEC 27001 is possible but not obligatory. ISO does not perform certification. Many organisations around the world are certified to ISO/IEC 27001.

A Few Kind Words

Comments from some of our satisfied clients. Please contact us if you require a specific reference.

SDG provided Zayo with necessary tools to successfully implement ISO 9001, ISO 14001, OHSAS 18001 and ISO 27001. Their consultancy services throughout all our Global operations and has provided valuable assistance in the forthcoming implementation of ISO 27018 throughout our European Network.

Paul Stone Europe ISP and Assurance Manager, Zayo Group UK Limited

We have worked with SDG for over 10 years on various projects as a consultant establishing, implementing and maintaining ISO Accreditations for Quality, Environmental and Information Management Security. They distinguished themselves by consistently providing exceptionally well-researched and well-written policies and procedures, training material for all areas of our operations.

Anthony Pearlgood Managing Director, Datasolutions

Being a security screening company essentially means that we check the background of personnel that organisations wish to employ. SDG have offered tremendous support for over three years, ensuring that we maintain our security screening compliance and accreditation.

Steve Cox Director, Security & Vetting Solutions Ltd

The Clients

SDG solutions works with a wide variety of clients in both the commercial and public sectors.