ISO 27001 Information Security Management Systems (ISMS)

Information Security Management Systems (ISMS) 

ISO 27001 is an International Standard that adopts a “Plan-Do-Check-Act’ (Model) process approach that specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving a documented Information Security Management System (ISMS)

Process Governance Consultant Group  ISO 27001 Implementation Services

Process Governance Consultant Group (PGC Group) has the domain expertise and knowledge to help organizations achieve compliance against industry standards and maintain process governance.  Our Consultants have experience assessing, designing, documenting, and implementing management systems that aligns with ISO and other recognized industry standards. 

We offer services to help our client's prepare for and achieve compliance to ISO 27001 audit.  Our service offerings include.

• ISMS gap analysis

• Define the scope of the ISMS

• Define and document the ISMS processes and procedures

• Define roles, responsibilities, and management expectations

• Define and prepare risk assessment and statement of applicability (SoA)

• Implement a training and awareness program

• Establish control of documents and records 

• Establish a management review process

• Define and develop an internal audit process 

• Establish control objectives and controls

• Select ISO 27001 certification body and Lead Auditor(s)

• Conduct preliminary documentation review

• Prepare the organization for an initial ISMS audit (document & compliance) 

• Provide guidance on survelliance visits