
ISS Consulting & Integration


Information Security Audit
Protect your information system!
The Information System Security Audit (ISS Audit) is a methodical exam of a situation related to information security to verify its conformity to objectives, rules, standards, or reference systems.
It covers the following aspects:
- Evaluation of the security level within the Information System
- Measure the gap between the required and the executed security level
- Identification of security vulnerabilities affecting the security organization
- Proposition of an action plan to improve the level of security of the Information System
- Adoption of a methodological approach based on three key steps: Organizational Audit, Physical Security Audit and Technical Audit
AUDIT OF THE SECURITY INFORMATION SYSTEM
ORGANIZATIONALAUDIT
PHYSICAL AUDIT
RISK ANALYSIS
TECHNICAL AUDIT

INFORMATION SYSTEM SECURITY CONSULTING
Elaboration of a Business Continuity Plan
- Support in the implementation of a PRA/PCA
- Optimization of the efficiency/cost ration of the PRA/PCA plan
- Set up the Crisis Cell by simulating a disaster.
Elaboration of the Information System
- Security Policy Implementing a global information system security policy in line with the security standards and the client's SI context
- Elaboration of specific ISS policies
Elaboration of the Information System Security Master Plan
- Support in the implementation of the SSI master plan
- Elaboration of the implementation plan and of the Information System Security Master Plan update plan
Information Security Management System (ISMS)
- Assistance in the implementation of SIMSS
- Support in the ISO27001 process


ISO27001 Certification: Support process
The ISO27001certification represents a guarantee of security for customers and partners.
It allows you to have:
- An IS security dashboard
- Performance KPIs for monitoring work
- Normative and regulatory compliance
- An application of good IS security practices
- Coverage of all areas of the ISO27001 standards
- An updated risk treatment plan
Our offer targets the following objectives:
- Inventory of IS security management practices
- SMSI Pre-Audit and ISO27001 Gap Analysis
- Coaching, consulting and RSSI assistance
- Post-audit support to correct gaps
