ISO27001 and ISO27002

eDelta CPA Services P.C. provides readiness and assessment services based on the ISO/IEC 27000 series of standards.

This includes:

  • ISO/IEC 27001:2005 – Information technology – Security techniques – Information security management systems – Requirements
  • ISO/IEC 27002:2005 – Information technology – Security techniques – Code of practice for information security management

The ISO 27001 standard defines the framework to initiate, implement, maintain, and manage information security within an organization. This standard outlines the requirements for an organization to design and execute an Information Security Management System (ISMS).

ISO 27001 Readiness Review

The focus of a readiness review is on the design of the ISMS itself and its conformity to the requirements of the ISO 27001 standard.

The primary deliverables of our ISO 27001 readiness reviews include:

  • The detailed project plan for the assessment;
  • Comprehensive information request list allowing the organization’s personnel to gather documentation in advance of fieldwork; and,
  • Formal report identifying high-level gaps related to conformity to ISO 27001.

ISO 27002 Compliance Assessment

We provide assessment services based on the ISO/IEC 27000 series of standards. This includes ISO/IEC 27002 titled Information Technology – Security Techniques.

The control domains include the following:

  • Security policy;
  • Organization of information security;
  • Asset management;
  • Human resources security;
  • Physical and environmental security;
  • Communications and operations management;
  • Access control;
  • Information systems acquisition, development, and maintenance;
  • Information security incident management;
  • Business continuity management; and,
  • Compliance.