Information Security Management System
– ISO 27000 (27001, 27002)
Sentor provides a streamlined and effective solution to implement an Information Security Management System (ISMS) according to ISO 27001 applying a phased approach. Since we understand that each organization is unique, our method is designed to be adaptable to the various needs and objectives of all organizations.
The phases reflect the documentation, implementation and execution of the ISMS process and controls. The ISMS process consists of continuous management activities, which regulates and supports applied organizational and technical controls.
Are you already working with ISO 27001?
Whether ISO 27001 is new to you or if you have already started your journey, Sentor is able to assist you. We have a skilled team and custom packages to get you started quickly.
Phases of ISO 27001
1. Getting Started
Together we determine the scope for your organization and whether you go for certification or compliance with ISO 27001. We define objectives, goals, risks, and set the direction going forward.
2. Management and Control
Together we establish a governance model that contains the key elements of ISO 27001 for your organization. Based on the risks your organization faces, adequate controls are implemented.
You begin operational planning, implementation, and execution of agreed security controls. Other ongoing activities during this phase include defining KPIs, internal controls and various forms of security audits.
Sentor is also able to assist you throughout the certification process. If there are any non-conformities or questions during this last phase, we can on behalf of the organization clarify this for the certification body.