Although there are numerous other security frameworks, the ISO27001 standard is now being widely adopted around the world as the model for an ISMS (Information Security Management System). This is especially important if your organisation needs to provide formal assurance to clients or other interested parties - which may include obtaining formal certification.
One significant advantage of ISO27001 is that it is closely aligned with the current versions of other management system standards (such as ISO9001 Quality, ISO14001 Environment, and ISO45001 Occupational Health & Safety). This provides a great opportunity to establish an integrated management system for more efficient management and savings on certification costs.
Taking the first step
The first step to establishing your ISMS is to conduct a Gap Analysis . In other words, a check of the current system and controls against the requirements of ISO27001. The analysis can be performed in-house or with the help of a professional consultant. Either way, a Gap Analysis checklist is required.
New, fully-integrated Gap Analysis Tool
Qudos are now proud to announce the release of the fully integrated Gap Analysis software tool in Qudos 3 IMS software. This offers a full ISO27001 checklist with verification and results fields. In addition, they may each be linked to independently-assigned Actions to address the gaps identified. These Actions may be easily monitored for progress until the gaps are closed out. This powerful tool is available now on all cloud-hosted installations of Qudos 3 and will shortly be made released for on-premise installations. It is just the latest in a series of Gap Analysis tools for ISO management system standards - others include ISO9001 Quality, ISO14001 Environment, and ISO45001 Occupational Health & Safety.
Contact us for further details about the new Gap Analysis tool or Qudos 3 in general, for professional information security services, and ISO27001 certification. We also have an introduction to ISO27001 - available on request.