ISO 27001 Maryland

Information Security Management Systems and Cybersecurity

ISO 27001

A successful ISO 27001 project will require your company’s commitment to provide resources and to complete the goals and homework that arise from the workshops shown in the menu below. Registration through a third-party registrar cannot be achieved without it. Generally, nine to twelve months is the norm for completing ISO 27001 implementation, although it can be accomplished in six months. WCH cannot stress enough how important it is for your company to commit to the project in order to be successful.

It is possible to implement several standards at the same time. For example, ISO 9001 and ISO 27001 can be implemented simultaneously. It is even possible to add ISO 45001.

The following menu is representative of the consulting services that may be provided during an implementation project.

It is also possible to request any of these services separately on an as-needed basis.

ISO 27001 Gap Analysis

On-site visit to review current documents and processes, and to determine the gaps between them and the requirements of The Standard.

ISO 27001 Kick-off Meeting / Management Presentation

Staff Meeting to determine all processes in the organization and responsibilities for each.  

The Presentation will focus on MANAGEMENT RESPONSIBILITY and COMMITMENT, which is essential for success of the Management System.

Review / Establish the company's Policy and Objectives.

ISO 27001 Top Level Manual

Development / editing of a manual that establishes policies for all required elements of The Standard.  There are items that need to be recorded in a centralized location.  WCH believes the Manual is a good vehicle for accomplishing this.  Additionally, in most companies, WCH finds that customers request a copy of the Manual in their "Supplier Surveys."

ISO 27001 Procedure Development

Drafting the first version of flowcharts for all required processes (usually between 10 & 20), and ensuring the company can issue procedures to the system. Procedures will be developed in flowchart format using Microsoft Word. Where possible, the company’s existing documentation will be used and/or modified as necessary.

A meeting with the appropriate employees will be scheduled to draft the procedure or process. A second meeting may be held after each participant has had an opportunity to review the draft version. Changes required will be incorporated into the procedure or process before final review and approval.

ISO 27001 Coaching and Consulting

On an as-needed basis, the WCH consultant will observe procedure steps and tasks, provide suggestions, and answer questions to ensure that procedural documentation and the corresponding actions taken by employees are mirror images.

ISO 27001 Employee Understanding & Awareness Training

WCH will provide all employees with a basic overview of the system, the Standard requirements, their responsibilities and what to expect when the registrar conducts the Registration Audit.

ISO 27001 Internal Auditor Training

A sound auditing program is vital to the health and continual improvement of the Management System.  Internal System Auditors will be trained in the requirements of The Standard and process auditing techniques. 

ISO 27001 Second Party Internal Audit

In lieu of Internal Auditor Training, WCH Professional Services provides qualified Internal Audit support, performing value-added audits in a cost- and time-efficient manner.

ISO 27001 Management Review Support

WCH will provide guidance and instruction so that the company can hold a Management Review meeting independently.  WCH will review meeting minutes and provide any additional instruction / comment post-meeting.  WCH can also provide additional support to mentor the company’s first annual Management Review meeting. 

ISO 27001 Registration Audit Support

WCH can attend one day of Stage 1 of the Registration Audit and also work with the company to address any concerns that the Registration Auditor brings to light during Stage 1.  It is also possible for WCH to attend Stage 2, if requested.

ISO 27001 Registrar Selection

WCH may assist in the identification and selection of a “partner” Registrar company as well as an effective Auditor from the selected company.

WCH PROFESSIONAL SERVICES

STANDARDS IMPLEMENTATION EXPERTS

Business Management Consulting

AS9100 - IATF 16949 - ISO 9001 - ISO 13485 - ISO 14001 - ISO 17025 - ISO 22000 - ISO 27001 - ISO 45001

Blueprint Reading, cGMP, Core Tools, QA Inspector, Statistical Process Control, Supplier Audits

Copyright 2019 - WCH Professional Services, LLC