Tools approach to automating ISO27002 ISMS Policy aligned continuous monitoring

Current ISO Offerings include

  • ISO 13485:2016
  • ISO/IEC 30111:2019
  • ISO/IEC 27001:2013
  • ISO/IEC 27017:2015 - 27002 for cloud services
  • ISO/IEC 27799:2016
  • ISO/IEC 27002:2013 - New ISO/IEC FDIS 27002 and mapping to CCM V4 and NIST 171 Assessment
  • ISO/IEC 27018:2019
  • ISO/IEC 27701:2019

Risk approach

EnterpriseGRC Solutions participates in the development of content for cloud security products and supports mapping secure configuration and processes as a component of Security Architecture. 

THE ISO/IEC 27002:2013 CHALLENGE

ISO/IEC 27002:2013 Information technology -- Security techniques -- Code of practice for information security controls

You might think that implementing an ISO 27002 ISMS program is fairly straightforward, and even an easy sell to the business and to those supporting the enterprise. After all, Information Security is defined by the C-I-A triad, the most well-known model for security policy development. Who can resist a tried-and-true C-I-A triad?

  1. Confidentiality, ensuring that information is only accessible to those authorized to have access
  2. Integrity, safeguarding the accuracy and completeness of information and processing methods
  3. Availability, ensuring that authorized users have access to information and associated assets when required

Instead of disparaging everyone who resists the full ISO 27002 ISMS implementation, let's empathize with the sheer willpower and perseverance it takes to drive an organization toward this prestigious achievement.
