ISO 27001 Implementation
ISO/IEC 27001 Information Security Management System
Information security is achieved by applying a suitable set of controls (policies, processes, procedures, organizational structures, and software and hardware functions). An Information Security Management System (ISMS) is the way to protect and manage information based on a systematic business risk approach, to establish, implement, operate, monitor, review, maintain, and improve information security. It is an organizational approach to information security.
ISO publishes two standards that focus on an organization’s ISMS:
- The management system standard: ISO 27001. This standard is the specification for an ISMS. It provides the standard against which certification is performed, including a list of required documents. An organization that seeks certification of its ISMS is examined against this standard.
- The code of practice standard: ISO 27002. This standard can be used as a starting point for developing an ISMS. It provides guidance for planning and implementing a program to protect information assets. It also provides a list of controls (safeguards) that you can consider implementing as part of your ISMS.
Why choose AITREC to help you on your ISO 27001 journey?
AITREC is a leading choice for ISO 27001 consultancy and implementation, which we can undertake remotely or onsite. We’re proud to have a strong team of dedicated ISO 27001 professionals with years of experience in information security management.
What makes us different? We tailor our consultancy to each business that we work with, ensuring that any new processes that you choose to implement blend effortlessly with your existing business model. We want ISO 27001 to work for you – not the other way around!
We also offer fully-guided ISO 27001 training—taking you and your team right through from introducing the framework to implementing new ways of working and to achieving ISO 27001 certification. Our comprehensive training approach ensures you have everything you need to achieve your certification. 27001 framework can be achieved, with minimal friction and maximum value.
Ready to get started?
Please get in touch with us and speak with our lead implementer, Dr. Stanley Githinji, on +254 721 250 516, or email us at firstname.lastname@example.org or email@example.com
Lead ISO Implementer
Dr. Stanley Githinji has more than 15 years’ experience in the field of information security. His experience covers information security consultancy, strategy and ISO 27001 implementation, security research and development, risk assessments, risk management, cybersecurity training, security audits, application/network security and security architecture. He has assisted organisations in aligning their information security strategy with their business objectives.