ISO 27001 Compliance Readiness
Receive an ISO 27001 gap analysis and readiness assessment conducted by an ISO 27001 Registered Lead Implementer. Our consultants will help you prepare for certification.
Your Path to ISO 27001 Compliance
Developing an end-to-end Information Security Management System (ISMS) while preparing for an ISO 27001 audit is strenuous and time-consuming. Ensuring all the dots connect across the stack of documents is difficult, and it is the difference between a fully integrated security program and one that is disjointed, with contradictory policies or gaps between them. This siloed approach, although common, adds an inordinate amount of stress to your audits. GoldSky Security begins this process by listening to you. We are committed to understanding your organization, your environment, and what is driving your need to implement an ISO 27001-compliant and certifiable ISMS.
Ready to be ISO 27001 Compliant? We will get you there.
Contact us to start your ISO 27001 journey.
Our experienced team of ISO Lead Implementers will guide you, step by step, through the ins and outs of becoming compliant.
“We have worked with GoldSky Security over the past few years to perform our annual Security Risk Assessments and to ensure we are compliant with NCUA security standards. The Risk Assessment reports we receive are extremely detailed and the Remediation Roadmaps are easy to understand and follow for our management team. As a result of partnering with GoldSky, we have dramatically increased the security posture of our credit union over time. We look forward to continuing our partnership and would highly recommend GoldSky as a great partner for any company in need of cybersecurity advisory services.”
Jeff Tibbetts, Vice President and CIO, LSI, Inc
Seven Step Process
Step 1.
Determine the ISMS Boundary
Boundary determination includes what needs to be protected, what needs to be excluded, who is involved, and what the impediments and governance strictures are.
Step 2.
Leadership
GoldSky will work with you to establish the vision for security management. We will help obtain leadership buy-in, including crafting the message from leadership to your employees.
Step 3.
Develop an Implementation Plan
GoldSky will work with you to establish a risk-based plan to implement the ISMS that fulfills Leadership’s vision. This plan will include developing a process, conducting a risk assessment, and mapping mitigating strategies.
Step 4.
Support
GoldSky will coordinate with you to determine the resources necessary to carry out the implementation plan effectively, such as awareness for your employees, personnel skill sets, a communication plan, and the ISMS-supporting documentation.
Step 5.
Operation
GoldSky will be your partner in executing all aspects of the implementation plan that meets Leadership’s vision. What we will do is sculpt how you currently do business to meet requirements, minimizing the impact to your operations. What we will not do is waste your time and resources tearing down your current security practices to build new methodologies, paradigms, and unnecessary processes just to meet the standard. Operating the plan includes security awareness and training, implementing the technical, administrative, and operational controls, and finally developing the necessary policies and procedures to support the ISMS.
Step 6.
Performance Evaluation
GoldSky will conduct your internal audit to ensure the ISMS was correctly implemented and identify any lingering weaknesses that need to be addressed prior to your certification audit activities. We will also sit with you during your certification audit activities to support and help clarify the auditor’s requests.
Step 7.
Improvement
GoldSky will stand with you as your trusted agent to correct any weaknesses and help you meet the ISO Standard’s mandate for continual improvement. As your Leadership evolves your organization, we will work to ensure security and the ISMS keep pace.
“We were very pleased with the service from GoldSky. In addition to being very professional and knowledgeable, they communicated with our management team every step of the way, so we knew what was going on at all times. Once the project was completed, they delivered a detailed report about the work they did and made recommendations on how to improve our IT infrastructure moving forward. We will continue to use GoldSky as the need arises and would recommend their services without hesitation.”
David Kendall, COO, Cobb Cole