Like bereavement and taxes, compliance is unavoidable. Certain industries are heavily regulated, such as those in the Finance or Utility sectors, and all organisations are statutorily regulated. Various Acts have been introduced to ensure that personal data is secure, that systems are protected from attack, and that recourse is available for those adversely affected by the failure of an organisation to introduce adequate countermeasures.
The whole area is confusing and it is unfortunate that we find this confusion preventing organisations from complying. Our professional services team have extensive experience in the interpretation and execution of compliance requirements having undertaken practical implementations across many industry sectors.
ISO 27001 Overview
This is the international Code of Practice for information security management and offers a means by which certification against the standard can be achieved. Organisations certified to ISO 27001 have demonstrated that their ISMS is of a level currently considered globally to represent best practice. Other organisations are utilising the ‘Code of Practice’ in their compliance programs to satisfy their internal requirements to achieve best practice.
The route to certification comprises a number of stages, typically:
- Identification of Scope;
- Gap Analysis;
- Risk Assessment;
- Security Improvement Plan;
- Statement of Applicability;
- Training and Awareness;
- Mock Assessment.
getsix® as a Dell Partner, has undertaken a large number of compliance and certification projects and is able to assist organisations in the pursuit of certification in a simple and effective manner.
We are pleased to announce that getsix® has received the first stage of our ISO 27001 accreditation, we have been presented with ISO 27001:2005. This process is in two stages to comply with certification guidelines set by TüV Rheinland.
getsix® understands the importance of ‚Information Security Management’ for our clients, so we absolutely need to implement this to our Quality Management processes to further enhance our reputation for delivering a first-class service.getsix® Certificate No. 0198 153 00030 » getsix® System Certificates by TÜV Rheinland »