ISO27001 CERTIFICATION PLUS GENERAL COMPLIANCE & REGULATION REQUIREMENTS
Post on 10-Jan-2020

Acquiring the knowledge needed for an organization to comply with regulatory requirements can take a tremendous amount of time and effort. An expert consulting company such as Comsec can save your organization from struggling with an unfamiliar domain, shorten the time taken to achieve compliance, and significantly reduce the resources that would be expended if trying to do this alone.

What is ISO27001 Certification Plus General Compliance and Regulation Requirements?

Since Comsec was established more than 30 years ago, hundreds of organizations have used our services to help them to comply with the ISO 27001 family of standards and to obtain certification. Over the years, Comsec has adjusted its methodology based on feedback from our clients to support the client in achieving the highest possible level in terms of technology, cyber security, compliance with regulation and professionalism.

Your organization might need to comply with different legal, statutory, regulatory or contractual obligations related to information security and privacy requirements. The ISO 27001 standard takes all of this into account and Comsec will handle it for your organization.

The certification is solely for ISO27001, but an organization can choose any valid approach for implementation. For that reason, the ISO has a family of standards, such as ISO27002, ISO27799, ISO27032, and many more, that an organization can adhere to. Comsec will help you to select the appropriate framework and guide you in achieving compliance.

All of our GRC team members are certified Lead Auditors and have extensive knowledge and experience in many industries. All of our customers have gone on to receive their certification, without exception.

Clients' Problems

Lack of knowledge and experience will make it very difficult for an organization attempting to achieve compliance independently. The time-consuming lack of clarity and inability to understand regulatory implications might be very costly in terms of price, prestige and non-compliance with the law.

Comsec's Solutions

Comsec has the appropriate solution for your organization. Our methodology has proven again and again that we do the work efficiently and to the satisfaction of our customers. Comsec experts have proven their ability to deliver many ISO27001 projects in different industries, and for organizations of all sizes.

FAQs

ISO27001 Certification Plus General Compliance & Regulation Requirements

Defining the scope of the ISMS (Information Security Management System).

Building an Asset Mapping registry which includes inventory, ownership, acceptable use and return of assets.

Performing a Risk Assessment process to identify risks associated with the loss of Confidentiality, Integrity and Availability (CIA) for information within the scope of the ISMS.

Formulating an information security risk treatment (mitigation) plan based upon the Risk Assessment.

Executing a Risk Mitigation program to determine the controls that are necessary to mitigate the relevant information security risks.

Formulating a set of required Policies and Procedures to support the ISMS.

Producing an SOA (Statement of Applicability), a registry of all controls stating the level of compliance with each control in the ISO27002 standard and in any other set of controls.

Final Audit assistance and certification.

How long does the preparation take?

4 to 6 months.

Do we receive certification?

Yes. Your organization will have to engage a separate Certification Firm that will audit you and provide you with the ISO 27001 certification.

How much does it cost?

Non-compliance with the Privacy Policy regulation might cost tens of thousands of shekels.

Comsec UK: 286 Euston Road, London, NW1 3DP, England. Tel: +44 (0) 2034638727. [email protected]

Comsec BV: Hogehilweg 4, 1101 CC Amsterdam, The Netherlands. Tel: +31 (0) 102881010. [email protected]

Comsec HQ: Yegia Kapayim St. 21D, P.O. Box 3474, Petach-Tikva, Israel 49130. Tel: +972 (0) 39234646. [email protected]