Implement and maintain an effective Information Security Management System to protect your information assets and build trust in a digital society.
The internationally recognised and widely adopted ISO/IEC 27001 standard provides requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS) that preserves the confidentiality, integrity and availability of (information) assets you want to protect.
It centres around a risk management process that, through certification, will give confidence to interested parties that information security risks within your organisation are adequately managed.
The correct interpretation and pragmatic implementation of the ISO 27001 standard can be a hassle for many organisations. For more information, do not hesitate to reach out for a free informal discussion. Our experts are happy to clear any misconceptions about ISO 27001, elaborate more on our approach and explore in what ways we might be able to assist you, if desired.
Knowing that complexity is the enemy of security, PwC offers advice to help you and your organisation with the implementation of a pragmatic Information Security Management System (ISMS) that’s tailored to your organisation’s context, size and culture. We'll guide you through the entire process of implementing (or optimising) an ISMS to ensure that it is truly embedded within the organisation. Our approach also allows organisations to incrementally increase the scope of their ISMS as the added value of the system becomes clear throughout the organisation ("Think Big, Start Small").
Efficiency: We've built an extensive toolbox consisting of all the mandatory documents and supporting tools that we can leverage, shape and adapt to your organisation to go through the implementation process in an effective and efficient way. We'll also align our tools and deliverables with available information security policies, standards, procedures and ways of working within your organisation in order to reduce the impact of organisational change.
Experienced and certified team: We offer an experienced and certified team (ISO 27001 Lead Implementer and Lead Auditor) that’s performed multiple successful ISMS implementations in the past, backed by a local team of over 50 security professionals and a global network, to provide specific expertise, ready to assist you with the implementation of any missing security controls. Our many years (10+) of experience in auditing information security management systems allows us to think as an auditor, which we can leverage during the implementation to anticipate the official certification auditor.
Accommodate your budget: We offer our service in different packages to adapt our level of assistance to your available budget and internal resources. As such, we can take the lead during the entire process, share the workload with your team or simply advise you during the implementation process with guidance, reference materials and performing quality assurance.