_edited.png)
ISO 27001 CERTIFICATION
What is ISO 27001 standard?
ISO 27001 is an internationally recognised information systems security standard.
​
The objective of this standard is to demonstrate the reliability and resilience of an information system, leading to the implementation of an ISMS (Information Security Management System).
​
The implementation of this ISMS is the main step in the preparation of an ISO 27001 certification, and takes into account both human and technical factors.
The implementation of an ISMS goes through different steps:
-
The definition of the strategy and objectives;
-
Strong commitment from employees and management;
-
Management, analysis and treatment of risks;
-
Drafting of policies and procedures;
-
Raising awareness among employees;
-
Developing the communication plan;
-
Surveillance, monitoring and continuous improvement;
-
Internal audit;
-
Certification audit (performed by an accredited third party, not by CyberSecura).
Why get ISO 27001 certification?
-
To reduce the risk of damage to the company's reputation, the risk of legal penalties, the risk of loss of commercial revenue due to the loss of sensitive information.
-
To reassure your customers, employees, suppliers and other interested parties about the security of their data.
-
To respond to invitations to tender for which ISO/IEC 27001 certification is required.
-
Demonstrate to the general public that your organisation takes information security issues very seriously.
-
To improve the information assets of your organisation and its customers year on year, thanks to the continuous improvement aspects of the standard.
The ISO 27001 certification process
-
A gap or blank audit to take stock of your current situation, the assets already in place, the gap with the standard, the organisation's resources and to achieve your objectives.
-
Managing your ISMS implementation project: drafting micro and macro plans, estimating costs and the time required.
-
Identifying and defining your security objectives.
-
Drafting your security policies and procedures.
-
Assisting and supporting the implementation of security measures within the organisation.
-
Carrying out technical audits (application and infrastructure audits) and risk analyses in accordance with the ISO 27005 standard.
-
Raising employee awareness.
-
Conducting an internal audit.
-
Planning and preparing management reviews.
​
To help you move forward quickly and efficiently, we have tools and templates for all these elements.
We are certified ISO 27001 Lead Implementer
ISO/IEC 27001 Lead Implementer certification provides the knowledge needed to support an organisation in planning, implementing, managing, controlling and maintaining an effective information security management system (ISMS), as well as implementing and applying the security measures relating to ISO 27001.
Workload
To ensure that the certification project progresses satisfactorily, more than 40 days of services are required. This volume of work is given as an indication only and may vary according to the size of the organisation and the resources dedicated to the certification project.
All our services to help you obtain a SOC or ISO27001 security certification are carried out by Saghar Estehghari, co-founder, CTO and expert consultant in cybersecurity, certified ISO/IEC27001 Lead Implementer.
WHAT HE SAYS
Mathieu Dreyfus, Group Quality Manager for Technidata
"The main reasons why I would recommend CyberSecura are the quality of the support, the adaptability, the ease and the expertise. I would recommend you because you bring indisputable expertise, while taking into account what your customer expects based on their own context, while being ready to adapt to it."
THE CLIENT USECASE
Would you like to find out more about our ISO 27001 certification? Download our customer case study for more information!
​
If you download the usecase on this page you will access French content. If you want to read this usecase in English, please click here!
