ISS Consulting & Integration

ISS Consulting & Integration

Information Security Audit

Protect your information system!

The Information System Security Audit (ISS Audit) is a methodical exam of a situation related to information security to verify its conformity to objectives, rules, standards, or reference systems.

It covers the following aspects:

    • Evaluation of the security level within the Information System
    • Measure the gap between the required and the executed security level
    • Identification of security vulnerabilities affecting the security organization
    • Proposition of an action plan to improve the level of security of the Information System
    • Adoption of a methodological approach based on three key steps: Organizational Audit, Physical Security Audit and Technical Audit

AUDIT OF THE SECURITY INFORMATION SYSTEM

ORGANIZATIONALAUDIT

PHYSICAL AUDIT

RISK ANALYSIS

TECHNICAL AUDIT

INFORMATION SYSTEM SECURITY CONSULTING

Elaboration of a Business Continuity Plan


    • Support in the implementation of a PRA/PCA
    • Optimization of the efficiency/cost ration of the PRA/PCA plan
    • Set up the Crisis Cell by simulating a disaster.

Elaboration of the Information System


    • Security Policy Implementing a global information system security policy in line with the security standards and the client's SI context
    • Elaboration of specific ISS policies

Elaboration of the Information System Security Master Plan


    • Support in the implementation of the SSI master plan
    • Elaboration of the implementation plan and of the Information System Security Master Plan update plan

Information Security Management System (ISMS)


    • Assistance in the implementation of SIMSS
    • Support in the ISO27001 process

ISO27001 Certification: Support process

The ISO27001certification represents a guarantee of security for customers and partners.

It allows you to have:

    • An IS security dashboard
    • Performance KPIs for monitoring work
    • Normative and regulatory compliance
    • An application of good IS security practices
    • Coverage of all areas of the ISO27001 standards
    • An updated risk treatment plan

Our offer targets the following objectives:

    • Inventory of IS security management practices
    • SMSI Pre-Audit and ISO27001 Gap Analysis
    • Coaching, consulting and RSSI assistance
    • Post-audit support to correct gaps