ISO 27001
ISMS (Information Security Management System) implementation and certification support, Gap Analysis and Internal Audit provision.
You have come to the right place if you have been considering implementing ISO27001, the international standard for information security.
In order to meet your security demands, we offer a variety of professional services with an emphasis on ISO27001:2013 and the new edition of ISO27002:2022.
Gap Analysis
Uncertain about where to begin? Our expert team will carry out a Gap Analysis for you.
The Gap Analysis is designed to identify your strengths and shortcomings. We will compare you to standards such as ISO27001, CIS, NIST, and others.
This service offers guidance on what you should do next.
What's included:
- 2 to 4 day engagement
- Perfect for SME or larger businesses
- Insight into current ISO27001 compliance
- Structured interviews
- Practical advice & guidance
Implementation
Want ISO 27001? No problem. We offer the policies, processes, assistance, and direction you require with our Implementation service so you can become certified quickly.
The procedure is easy, fun, and practical, facilitating understanding and profit for your business.
What's included:
- Engagements from 6 to 15 days
- Perfect for SME or larger businesses
- All mandatory policies
- All mandatory procedures
- Development of audit plans
- Conducting audits
- Training & awareness tools
- Conducting training & awareness
- Management reviews
Virtual Security Officer
In order to free you up to focus on operating your company, this service offers ongoing support for all your compliance requirements.
What's included:
- All Compliance needs covered
- Development of a Governance framework
- Management of ISO standards
- Guidance and support of ISO27001, and related data protection regulations
Third-Party ISO Audits
We provide Third-Party ISO Audits for Certification Bodies covering:
- ISO 27001 (also ISO 27017 & ISO 27018)
- ISO 22301
- ISO 9001
Cyber Essentials
Ensuring you are compliant with the Cyber Essentials/Plus frameworks.
The certification scheme was launched in 2014 by the UK Department for Business, Innovation and Skills and is operated by the National Cyber Security Centre (NCSC).
CSC2 can help you demonstrate compliance with Cyber Essentials and Cyber Essentials Plus ahead of your certification assessment.
Implementation
Cyber Essentials is a UK government-backed cyber security certification scheme that aims to help organisations implement basic cyber security measures and protect themselves against common cyber threats. It provides a framework of controls and best practices that organisations can implement to mitigate the risk of cyber attacks.
ISO 22301
ISO 22301 is an international standard that specifies the requirements for establishing, implementing, maintaining, and continually improving a business continuity management system (BCMS). The standard provides a framework to help organisations identify potential threats and implement measures to ensure the continuity of critical business functions in the event of disruptions.
Are you looking to implement a BCMS in line with ISO 22301? Look no further - get in touch today.
Gap Analysis
As with ISO 27001, our expert team can carry out a Gap Analysis for you.
This service offers guidance on what you should do next.
Implementation
We offer the policies, processes, assistance, and direction you require with our Implementation service so you may hang that certificate on your wall.
The procedure is easy, fun, and practical, facilitating understanding and profit for your business.
Third-Party ISO Audits
We provide Third-Party ISO Audits for Certification Bodies covering:
- ISO 27001 (also ISO 27017 & ISO 27018)
- ISO 22301
- ISO 9001
HMG Assurance
HMG Assurance, also known as His Majesty's Government (HMG) Assurance, refers to the process of assessing and providing assurance for information and communications technology (ICT) systems used within the UK government. It is a set of standards and guidelines that help ensure the confidentiality, integrity, and availability of government information and systems.
Assurance
End-to-end accreditation service using IS1 & 2 or NIST. Our CCP Consultant can provide a threat assessment and RMADS creation.
This entails supplying security assurance specialists who may be integrated into important programmes across a number of industries, including central government and defence contracts.
As well as assisting business clients in adhering to legal and regulatory standards including the Data Protection Act of 2018 and the General Data Protection Regulation (GDPR), it also provides compliance guidance for handling sensitive and private data in the cloud or offshore.
This means that, in the context of government contracts, we offer the specialisations required to lead projects and programmes through the formal accreditation and certification of personnel and resources processes.
Cyber Assessment Framework (CAF)
The NCSC CAF (National Cyber Security Centre Cyber Assessment Framework) is a comprehensive framework developed by the UK's NCSC. It is designed to assess and improve the cyber security posture of organisations, particularly those within the UK public sector.
A comprehensive service that covers all aspects from critical systems to scoping to evidence pack assembly and remediation planning.
If you need assistance with any part of the CAF from Critical Systems scoping to Self-Assessment, let’s talk.