Compliance can be a requirement, especially when your customer says it is. If your customer just will not sign a contract because your network must first be compliant with an industry-standard set of rules, call us. We can get your environment fully certified. Not only does it increase the chances you will close the deal, but your environment will also be more stable and secure because of it.
Get certified: we can help with your policies and procedures so you become fully certified.
The ISO standard 17799:2000, The Code of Practice for Information Security Management, provides a framework within which organizations can assess the relevance and suitability of Information Security controls.
Organizations are able to benchmark and obtain certification for their security arrangements against ISO17799 to ensure that they are effective and in line with accepted best practice.
PhoenixSynergy provides a range of services to help our clients ensure that their information security practices conform to the ISO17799 standard. The areas in which PhoenixSynergy can assist with the effective and pragmatic application of ISO17799 are outlined as follows:
We Follow Generally Accepted Information Security Principles (GAISP)
- Benchmarking: Assess the status for Information Security management and controls within our client’s organization.
- Scope Study: Assess the feasibility, costs and timetable for implementing ISO17799.
- Gap Analysis: Assess existing Information Security arrangements against those recommended in the standard, identify the weaknesses and develop an ISO17799 implementation plan. PhoenixSynergy’s approach is to perform a comprehensive gap analysis resulting in an action plan for each area of weakness. This report will provide practical advice on how to address any identified weakness.
- Risk Assessment: Undertake an impact analysis, performing a threat and vulnerability assessment and identifying security controls in line with the principles of ISO17799. This assessment will demonstrate that the selected controls are in line with the principles of ISO17799.
- Security Improvement: Deliver an Information Security improvement program to achieve and maintain compliance with ISO17799. Assistance with the development and implementation of required controls, policies and procedures.
- Management: Project and quality management of ISO17799 programs; and
- Education and Training: Security awareness for our clients’ staff and training in all aspects of ISO17799.