|
|
 |
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
While our Compliantz software offers organizations the capability for self-assessments, it is highly recommended that an assessment be undertaken by an external entity at least once a year to prevent the potential for internal collusion/fraud. eFortresses or it's partners can perform an on-site "healthcheck" in 5 days that will report on areas of non-compliance with applicable regulations and recommended actions to become compliant. This work will be done at a fixed fee, which is rare to find these days. |
|
| |
|
|
|
|
|
|
|
|
|
This code of practise has now gained international acceptance as the most comprehensive best practices framework available for Information Security Management. eFortresses assists organizations desiring ISO/IEC 27002 compliance by providing value added services, including: |
|
| |
|
 |
Gap Analysis / Compliance Roadmap |
|
|
|
Security Program Development |
|
|
|
Security Policy Development |
|
|
|
IT Risk Assessments |
|
|
|
Attack & Penetration Testing |
|
|
|
Network Security Architecture |
|
|
|
Incident Management - Security Breach Notification |
|
|
|
Computer Forensics |
|
| |
|
|
|
|
|
|
|
|
|
eFortresses offers 6-week to 6-month preparation service for organizations seeking ISO/IEC 27001 certification, including: |
|
| |
|
|
Risk Management Framework development |
|
|
|
Risk Assessment & Treatment process |
|
|
|
Asset Register development |
|
|
|
Asset Classification & Control |
|
|
|
Readiness Assessment / Remediation Plan / Certification Roadmap |
|
|
|
Early Selection of Accredited Certification Body |
|
|
|
Scoping Exercise including Scope Document, Statement of Applicability development |
|
|
|
Regulatory Compliance Mapping |
|
|
|
Integration of ISMS with COBIT, COSO, ITIL/ISO 20000 etc |
|
|
|
Internal ISMS Audit; Desktop review of Documentation, Control Objectives and Control Evidence |
|
|
|
Information Security Forum development |
|
|
|
Preventative and Corrective Action Plan development |
|
|
|
Facilitation of ISMS Pre-Assessment, Stage I and Stage II Audit |
|
|
|
ISMS Maintenance including Corrective Actions, Continuous Improvement, Metrics, Surveillance Audit |
|
| |
|
|
|
|
|
|
|
 |
|
 |
 |
|
|
|
|
|
|
|
| |
| |
