SPRING DISCOUNT
Get 30% off on toolkits, course exams, and books.
Limited-time offer – ends May 26, 2022
Use promo code:
SPRING30

Expert Advice Community

Guest

27001 question

  Quote
Guest
Guest user Created:   Apr 06, 2022 Last commented:   Apr 06, 2022

27001 question

Dear Mr.  Dejan Thank you very much for your support and help, and sharing for this start-up project template. I have a potential ISP/Fintech customer with current Core Network Backbone & too many fintech Leased line & Solutions running without good security program in mind. They are running the business with no good CMDB/Assets RISK ITSM/ITIL Strategy and enough people and organization divisions and separation of duties. and the WORST that they are running the business with no good NOC/SOC setup?? My Question is how ISO 27001 can help them improve and establish a security/cybersecurity program with a strategy of 3 actions plans : 1) Immediate action plan (Timeframe 3 months) : Assessment/Gap Analysis CSET & Design & Access + Services review. (assets, facility, devices, links, customers, Design & Security Access & Control, NOC/SOC...policies and FULL system/net audit (Vulnerability & Pentesting for Critical system), Training, Top Management and engineering Cybersec Awareness and Fullpicture Cybersecurty project awareness. 2) Mid-Term action plan (6 months) : prepare and build SOC team/Org people capacity & process and practices for CyberDevOPs operations including Assets Management-ITSM+RISK (config, probem,incident,..Mng), Training Cybersec Awareness,  SEC +, Ethical Hacking, SOC operation & Incident Response & Threat hunting. 3) Long-Term action plan (18 months), prepare the ISO 27001 or PCI-DSS requirement, gap analysis(CSET), policies, procedures..., project management PDC....  plan for implementation....with We want to deliver a high-level cybersecurity 1 page action plan. if we get the approval with will very glad/happy to partnership with you in many-ways,  we will buy the ISO-kit bundle and we will engage with you in ISO270001 implementation project for our Customer (we can discuss .. the .. forward plan...after getting the deal). We are very serious in this deal and the customer is very keek to start business with us as we assess them to close a severe threats/cyber holes in their infrastructure. Please advise with any starting document/plan that can help us getting this tough deal/closed as they need an immediate action with vision to adopt ISO270001 or PCI-DSS.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Apr 06, 2022

ISO 27001 can help your strategy by helping:
- identify information security business and legal requirements that need to be fulfilled
- identify and prioritize information security risks that need to be treated
- develop information security controls to treat relevant risks

For further information, see:
- ISO 27001 Implementation Guide: Checklist of Steps, Timing, and Costs involved https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/

To see how documents compliant with ISO 27001 looks like, please take a look at our ISO 27001 Documentation Toolkit: https://advisera.com/27001academy/iso-27001-documentation-toolkit/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 06, 2022

Apr 06, 2022

Suggested Topics

Guest user Created:   Mar 31, 2022 ISO 27001 & 22301
Replies: 1
0 0

27001 question

Guest user Created:   Feb 21, 2022 ISO 27001 & 22301
Replies: 1
0 0

27001 question