ISO 27001

Policy & Procedures

IS Awareness









ISO 27001

ISO 27001

In today’s business environment, information is the lifeblood for any organization. Increasingly, organizations and their information systems are exposed to security threats from a wide range of sources, including computer assisted fraud, espionage, sabotage, vandalism, fire or flood. Computer viruses, hacking and denial of service attacks have become more common and increasingly sophisticated.

Information security is achieved by applying a suitable set of controls (policies, processes, procedures, organizational structures, and software and hardware functions).

An Information Security Management System (ISMS) is a management system based on a systematic business risk approach, to establish, implement, operate, monitor, review, maintain, and improve information security. It is an organizational approach to information security. ISO/IEC 27001 (BS 7799) is a standard for information security that focuses on an organization’s ISMS.

AAndersen offers expert consulting services for effective implementation of ISO27001.

  • Project Scoping: Properly scoping a ISO27001 project is an essential first step in any compliance initiative. Our consultants help you identify the business processes critical to your organization and which would be best targeted for initial compliance to the world-wide recognized Standard.
  • Gaps Identification: Gap analysis is the next step where our consultants develop a comprehensive report identifying the work required to become compliant as well as an action plan that includes prioritized actions for security improvement.
  • Risk Assessment: Risk assessment is a mandatory component of ISO27001 and we’ll help you analyze the levels of information security risk inherent in your business processes. Assessments can be performed.
  • Process Improvement: Our consultants provide whatever level of support you need to implement the required security improvements and are able to suggest practical solutions in each of the different areas of the Standard.
  • Preparing for Certification: Our consultants will explain both the benefits and the relatively minor, additional costs involved in certification. AAndersen can prepare you for certification and help you implement any final changes necessary to your ISMS. Finally, we can assist during the audit process itself by dealing with a certification body on your behalf and addressing any audit observations that arise.


Aandersen Ltd

Suite 12811

2nd Floor

145-157 St John Street