The information security management standard requirements address how your business should establish and maintain its ISMS. If your business wants to achieve ISO-27001 certification you need to comply with all these requirements exclusions would not be acceptable in the certification.

Asset Management

• Inventory of assets
• Ownership of assets
• Acceptable use of assets
• Classification Guidelines

Communications and Operations Management

• Change Management
• Segregation of Duties
• Monitoring and review of third party services
• Capacity management
• Audit logging
• Monitoring system use

Access Control 

• Access control policy
• Review of user access rights
• Information access restriction

Information Security Incident Management

• Reporting information security events
• Reporting security weaknesses
• Collection of evidence

Compliance

• Intellectual property right(IPR)
• Protection of company records
• Data protection and privacy of personal information
• Prevention of misuse of information processing facilities
• Compliance with security policy
• Technical compliance checking
• Information system audit controls

This may be daunting for you but thats why where here to help, Our CyberGuys are specialists in the certification processes of ISO-27001.

Feel free to talk to one of CyberGuys on - our team of experts are experienced in their field, however we keep the jargon to a minimum, friendly, helpful and happy to answer any questions you may have.