27k1 ISMS Product Info
27k1 ISMS has been designed and developed in accordance with the ISO 27001 standard by Information Security professionals and ISO 27001 practitioners. 27k1 ISMS allows any company to identify all Information Security assets, assess their values and quantify any risks, threats and vulnerabilities to which these assets may be exposed.
During the ISO 27001 planning stage it is important to document and approve the security policies, the information in these policies is fundamental to an ISMS. 27k1 ISMS configuration allows for these settings to be assigned.
The screenshot sample shows an information classifications template which can be configured in accordance with your policies.
We recognise the urgency and lack of time required to complete an ISO 27001 GAP Analysis.
The GAP Analysis is designed for Implementers to go through each security control in a fast and efficient manner.
When a GAP project is completed another GAP project can commence. The results of the GAP are reported and are shown against the selected control during the risk treatment process in the Risk Manager.
It is important for any ISMS system to accommodate the importing of asset data, 27k1 ISMS facilitates this by importing data into a “safe area”. When the imported information is vetted; within the application the imported assets are then transferred into the asset library.
Where assets of similar security types exist, financial laptops could be an example, these are entered into an Asset Group therefore saving much time an effort during the risk assessment.
The Risk Manager is a fully blown asset valuation, assessment and treatment solution.
Not only are assets assessed but business scenarios as well.
Multiple threats and vulnerabilities or vulnerabilities and threats can be added for assessment and treatment, this screenshot shows the Threat then Vulnerability methodology.
27k1 ISMS includes many great features to assist with your journey to compliance.
One feature noted here is the ability to offer suggested ISO 27001 controls based on the criteria selected for each type of asset.