Some of the biggest risks faced by an organisation of any size are now those associated with information security. Whether the threat is a cyber-attack or the theft of an information asset, an information security management system will help by providing a framework for identifying, evaluating and implementing appropriate controls to manage those risks. Other associated systems include business continuity and personal information management, the latter of which is very closely based on the UK Data Protection Act and GDPR.
The international standards associated with these disciplines are:
- ISO 27001 – Information Security Management Systems
- ISO 22301 – Business Continuity Management System
- ISO 27701 – Personal Information Management Systems
Firecrest has experience of working with organisations to implement and achieve certification against each of these standards, which are recognised as being those with the highest level of growth across the globe.
The benefits associated with a management system compliant with one, or a combination, of these standards include:
- Managing risks associated with information security, business continuity and personal information
- Reducing the likelihood of a data breach
- Improving productivity and efficiency
- Providing assurance and confidence to existing clients and potential new customers
- Ensuring business continuity in the event of a major incident
- Supporting compliance with applicable legal and statutory requirements
- Protecting personal information
Services we provide:
- GAP Analysis
- Implementation and support
- Internal Audit
- Support for management review
- Management of corrective action
- Documentation and policy review
- External audit support