ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organisation. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organisation. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organisations, regardless of type, size or nature.
We can carry out audits on your behalf or provide you with the training and tools for your staff to successfully carry out these audits themselves.
We can support you though the audit process to achieve accreditation and implement continuous improvement to maintain the standard.
We will help you produce a tailor-made ISMS, a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process.
Accreditation will help small, medium and large businesses in any sector keep information assets secure.
We will help you Identify risks and put controls in place to manage or reduce them.
The standard allows you to adapt controls to all or selected areas of your business depending on your needs.
Some organisations choose to implement the standard in order to benefit from the best practice it contains while others decide they also want to get certified to reassure customers and stakeholders that its recommendations have been followed.
By demonstrating compliance your business can gain status as pa referred supplier. It will also enable you to meet more tender expectations by demonstrating compliance.
Like other ISO management system standards, certification to ISO/IEC 27001 is possible but not obligatory. ISO does not perform certification. Many organisations around the world are certified to ISO/IEC 27001.
SDG provided Zayo with necessary tools to successfully implement ISO 9001, ISO 14001, OHSAS 18001 and ISO 27001. Their consultancy services throughout all our Global operations and has provided valuable assistance in the forthcoming implementation of ISO 27018 throughout our European Network
We have worked with SDG for over 10 years on various projects as a consultant establishing, implementing and maintaining ISO Accreditations for Quality, Environmental and Information Management Security. They distinguished themselves by consistently providing exceptionally well-researched and well-written policies and procedures, training material for all areas of our operations.
Being a security screening company essentially means that we check the background of personnel that organisations wish to employ. SDG have offered tremendous support for over three years, ensuring that we maintain our security screening compliance and accreditation.