KEY QUESTION
How does your organization address new requirements in a systematic and comprehensive way?

Services

ISO 27001 Implementation and Audit

JBW Group International can provide ISO 27001 Implementation Consulting Services for your organization, which will result in a defensible Information Security Program whether or not you decide to officially certify. ISO 27001 Audit Services can be used for internal and third-party audits, for verifying contractual requirements from vendor partners, and as part of the due diligence process for mergers and acquisitions.

ISO 27001 Implementation consulting services provided by JBW Group International will result in deployment of a fully conformant Information Security Management System (ISMS) for your organization. The level of services is tailored to your organization, whether periodic consulting or a "turn-key" solution is needed.

An ISO 27001 audit in the form of a "readiness assessment" is frequently the first engagement for clients. This brief audit (usually a week or less), completed by IRCA-certified ISMS auditors and qualified implementers, reviews the organization's Information Security Program against the standard to assess the maturity of the program and identify possible gaps. JBW Group International can also provide second-party internal audits and third-party audits of current and future business partners, vendors, and suppliers.

Methodology
The core of the JBW Group International methodology is the framework of ISO 27001, interlaced with other applicable standards frameworks (ISO 20000 – Information Technology Service Management, ISO 13335-1 – Information Technology Security Techniques, ISO 28000 – Specification for Security Management Systems for Supply Chain [physical security], ISO 27005:2008 – Information security risk management) as appropriate to your organization. Also informing the methodology are decades of real-world security experience in technology, physical security, incident response, and business continuity management in the military, government, and a multitude of verticals in the private sector.

The methodology is a top-down approach: identifying the organization’s strategic objectives, identifying critical assets, assessing the associated risks, and developing a strategy to treat the identified risks. This approach, like the standards themselves, is measurable, repeatable, scalable, defensible, and holistic, and it incorporates the concept of continuous improvement via the Plan-Do-Check-Act (PDCA) model for quality management. It also recognizes information in all its forms, including paper documents, video, and audio, not just information on disk or transmitted on the network.