ISO 27002 Assessment Services
ISO 27002 is a series of standards developed by the International Standards Organization (ISO) related to Information Security and Information Security Systems Management. While conducting normal business operations, your organization may process, store, or transmit sensitive information. The ISO 27002 framework outlines specific controls to help you safeguard this information and mitigate your risk related to this sensitive information.
Compass IT Compliance is well versed in the requirements set forth in the ISO 27002 IT Security Framework. Our assessment methodology takes into account the 14 clauses outlined in the ISO 27002 framework as well as the security categories that are contained within each. The fourteen clauses in scope for an ISO 27002 assessment include:
Compass IT Compliance Services
- ISO 27002 Risk Assessment - Assess your current level of compliance with ISO 27002, identify gaps in controls, and identify key work areas that your organization must address to achieve and/or maintain compliance with the framework
- ISO 27002 Audit - Our experienced, certified IT Auditors will examine your IT controls mapped against ISO 27002 requirements, obtain evidence to determine if the controls are operating effectively to achieve your organization's objectives and satisfy framework requirements, and provide attestation of audit along with remediation strategies. A deeper dive assessment compared to the ISO 27002 Risk Assessment, the ISO 27002 Audit will include evidence sampling
- ISO 27002 Advisory Services - Work with your organization and tailor our project to your specific needs to address any concerns that you have related to ISO 27002, assist in the implementation and updating of policies and procedures, or assist in assessing the risk your third party providers pose related to ISO 27002
Are you being asked by a client to provide verification of your information security program through an ISO 27002 Risk Assessment? Or are you considering having an ISO 27002 Risk Assessment completed to demonstrate your commitment to securing your sensitive information? Either way, Compass IT Compliance will assist your organization by conducting and documenting the controls you have in place compared to the controls outlined in the ISO 27002 standard and provide you a clear remediation path to mitigating your overall risk. Contact us today to discuss your specific situation and for more detailed information.