ISO 27001 CONSULTANCY SERVICES
ISO 27001 CONSULTANCY SERVICES
PROTECT YOUR COMPANY’S INFORMATION
WITH PROFESSIONAL SUPPORT
Introducing, implementing and operating an ISO 27001 compliant management system is anything but easy for a company without this kind of expertise.
Should you employ management system experts?
Does standard compliance require investment in a new system?
Should you spend months on extensive training to obtain management system expertise?
Should you trust a consultant to carry out a fully managed process for your company to obtain an ISO27001 certification and have all the operational activities fulfilled?
HOW DACHS CAN HELP
As an independent consultancy firm, DACHS provides a full range of ISO 27001
information security management system consultancy services to support
its customers in carrying out the process of implementing and operating an ISO 27001
compliant management system.
There is no need for extensive training or recruiting teams of people, since DACHS helps
optimizing internal resource requirement during the management system
implementation process. Also, DACHS will not insist on introducing any technology
or platforms, as the existence of any given system or equipment
is no prerequisite of standard compliance.
WHY TRUST DACHS
DACHS consists of a qualified team of business analysts, project managers, quality experts and software specialists supporting companies with end-to-end services relying on a vast knowledge of ISO 27001 requirements. Our broad experience of document management support and development activities in the life sciences industry has provided us with insights into customer requirements and processes.
NO UNNECESSARY EXPENSES
Always aiming for cost optimization, we will not try to sell any systems or platforms to our customers in the process of obtaining compliance. There may be a need to choose, procure and introduce services or products, but this is always a result of a risk analysis and the sole decision of the company.
FLEXIBLE AND CUSTOMIZED SOLUTIONS
DACHS is flexible in the allocation of tasks with its customers. We establish close working relationships with key management and interested parties to gain an in-depth understanding of their needs and suggest the best solutions.
RELIABLE AUDITING EXPERIENCE
Our experts not only have a consultancy background, but also extensive auditing experience to support customers in the preparations and during a third party certification audit. This helps us in the identification of critical deficiencies to improve operation security and maximize certification audit success rate. Our aim is to establish long-term cooperation and our customers are not abandoned after the successful initiation of the ISMS or certification audit.
WE ARE ALSO CERTIFIED
DACHS’s operation itself has been certified according to the ISO 27001 standard by an accredited certification body for several years.
PARTNER IN CHANGES
There is no security system that cannot be improved and there are always changes to be made to the organization and its environment as well. DACHS is your partner in the implementation of revisions initiated by these changes or by the results of effectiveness measurement.
Integrated Management System Implementation Project
There are several ISO management system standards. Until 2012 they had slightly different requirements on the management system framework in very different document structures. At that time ISO/IEC have published a directive on how ISO management system standards shall be written. This made life much easier for organizations aiming to establish management systems that comply with multiple standards. But still, compliance with the requirements must be harmonized. The purpose of this paper is not to provide a comprehensive and detailed description of implementing a management system but to focus on integrated implementation and highlight experiences of a given integrated implementation project, providing useful hints for the reader.
ISO 27001 Compliant Management System Implementation Project
Our latest ISO 27001 consultancy project was special. Clients in many cases have a QMS (Quality Management System) already and want to integrate it with an ISMS (Information Security Management System), but that was not the case in this instance. Instead, they had an aborted ISO 27001 implementation project, and, while they didn’t know exactly what they wanted, they knew very well what they didn’t want. The purpose of this paper is not to provide a complete and detailed process of implementing a management system but to highlight the experience of a given ISMS implementation project and to provide useful hints.
Information Security Management
How to Achieve ISMS Continual Improvement
Information Security Measurement
Management Involvement in Information Security
Information Security Risk Assessment
Information Security, IT security and Data Security