ISO 27001 certification demonstrates your commitment to managing the security of your organisation’s information systems, processes and policies as effectively as possible. It will provide reassurance to your client base that you have robust procedures in place to mitigate cyber risk and protect their data.
However, becoming ISO 27001 certified is a major undertaking and often over-stretches internal resources. It’s usually easier to seek expert support from a third party, although the market can prove to be a minefield, with many service providers offering templates and quick fixes that over-promise and under-deliver. In truth, you can’t cut corners on compliance.
Whether this is your first step towards certification or you are already certified and want to review your security posture, we are the ideal partner.
We provide a range of ISO 27001 consultancy services to help you achieve certification and remain compliant.
Our consultancy services are tailored to meet your needs. Whether you require a single day of training or complete support throughout your ISO 27001 journey, we can help. Typical consultancy engagements include:
A gap audit is an analysis of your organisation’s infrastructure and information systems designed to understand what you need to do to achieve certification.
It’s a good starting point if you need to scope out your project and determine what budget and resource will be required.
Dionach’s consultants will visit your business, review your current policies, procedures and practices, and produce a detailed Gap Analysis Report which outlines your current compliance levels and highlights any areas that need to be addressed.
ISO 27001 compliance involves regular internal audits of your Information Security Management System (ISMS) to check ongoing conformance with the standard.
Our highly experienced team of auditors will conduct a full evaluation and produce a detailed report outlining areas of non-conformance and suggesting corrective actions.
We typically deliver this face-to-face to enable a more in-depth discussion of any issues identified during the audit process. Our auditors are also available to deliver the necessary remediation work as required.
The Gambling Commission requires that all licence holders comply with the Remote Gambling and Software Technical Standards (RTS) and that annual security audits are undertaken by an independent, qualified security specialist.
Dionach’s auditors are fully conversant with the industry standards, have extensive experience in conducting audits and produce reports suitable for submission to the Gambling Commission.
We also assist operators in achieving compliance with the relevant areas of the information security standard ISO 27001, as required by the Gambling Commission.