An independent review of your IT security
For ISO 27001 Compliance and more
It's good practice for your organization’s approach to managing information security to be reviewed at planned intervals, or when significant changes occur. To ensure objectivity and impartiality, those reviews should be performed by people that are independent of the area being reviewed.
In fact, such independent reviews are required for any organization seeking to be certified against the ISO 27001 Information Security standard. In the latest 2022 version of the standard, it's a requirement that's specified in Annex control A5.35.
In many organizations, that independence can be difficult to achieve due to resourcing issues or a lack of specialist knowledge outside of the area responsible.
Qudos can offer a great solution with independent reviews of the technical components of your information security by qualified and experienced specialists. An initial review is often performed in tandem with a Gap Analysis against the ISO 27001 standard.
The content of reviews may vary but might typically include:
- IT Infrastructure Overview
- Analyse Security Principles
- Anti-Virus and Firewall Hardware and Software
- Network Security and Access
- Passwords and Authentication
- Account and User Management
- Data Confidentiality and Classification
- Data Encryption
- Analyse Physical Access
- Data Backup
- Disaster Recovery
- IT Hardware and Software Update Management
- Software Asset Management
- Inventory Asset Management
The review may be performed on site, remotely, or a combination of both as deemed appropriate.
Contact us now to discuss your needs, and for a no-obligation, fixed-price proposal.