Project Procedure

Our Services around the ISO 27000 Series of Standards

ISO Compliance with plan42

plan42 offers a comprehensive range of consulting services for the implementation of ISO 27000 series requirements, whether you have already taken the initial steps or you are new to IT security standards and information security management systems (ISMS). For that purpose we have created ISO 27001-compliant process procedures: they not only help you become familiar with the ISMS topic and its terminology, but also provide a valuable overview of project steps, responsibilities, and required documentation throughout all project stages. Of course, we are also happy to adapt our process design to the specific requirements of your organisation.

Based on this process model we accompany you through the following steps and, if so required, guide you on your way to certification:

1 Defining Your Scope
We help you define the scope in which you wish to implement the ISMS. Which processes, applications, etc. does your scope include?

2 Determining Your Objectives
Together with you, we determine your requirements and security objectives. This is the basis on which we develop your security policy.

3 Specifying Your Risk Assessment Approach
In this step we help you choose the risk assessment approach that best suits the requirements of your organisation.

4 Analysing Your Protection Requirements
In order to determine your protection requirements in terms of confidentiality, availability, and integrity, we organise workshops in which we draft and discuss real-life "what if" scenarios.

5 Assessing the Risk
The identified threats are mapped to risks, which we assess using the approach selected in step 3.

6 Developing Your Security Concept
We derive appropriate security measures and combine them to create a target concept.

7 Carrying out a Gap Analysis
Which measures of the target concept have already been implemented? Which are now to be put into practice?

8 Deriving Measures
Together, we derive open measures and prioritise them for implementation.

9 Securing and Optimising Your Results
The last step serves to monitor the implementation progress, secure results and optimise them on a continuous basis.

Supplementing Services around ISO 27001

Since ISO 27001 is a certifiable standard, you can have your successful ISMS implementation officially confirmed: for that purpose, plan42 offers ISO 27001 certification audits on the basis of IT-Grundschutz. In addition, our security audits and gap analyses provide security assessments with varying scopes and for different stages of implementation.

And what can we do for you?
Would you like to learn more about our ISO 27000 services? Please feel free to contact us. For more information about ISO 27001 and IT-Grundschutz, please also refer to our service description.