Astral adopts the ISO 17799:2005/ BS7799-1:2005 Information Technology Security Techniques Code of practice for information Security Management for the implementation of ISMS.
Astral can frame and help in implement ISMS policy and procedure for any organization and Help in for organizations to get certification under BS ISO/IEC 27001:2005/ BS 7799-2:2005 which is the certification standard for ISMS.
It consists of 11 security control clauses, 39 security categories and 133 security controls. This standard follows the PDCA model for ISMS processes.
The ISMS adopts the following stages to support organization emulate the standards and qualify for compliance and certification.
Plan (Establish the ISMS)
Establish ISMS policy, objectives, processes and procedures relevant to managing risk and improving information security to deliver results in accordance with an organization's overall policies and objectives.
Do (Implement and operate the ISMS)
Implement and operate the ISMS policy, controls, processes and procedures.
Check (Monitor and review the ISMS)
Assess and where applicable, measure process performance against ISMS policy, objectives and practical experience and report the results to the management for review.
Act (Maintain and improve the ISMS)
Take corrective and preventive actions, based on the results of the internal ISMS audit and management review or other relevant information, to achieve continuous improvement of the ISMS
Astral's ISMS Implementation Services
DELIVERABLES
Astral is an ISO 9001 : 2008 company. Independent Member of Geneva Group International (GGI) www.ggi.com.We use Proaudit a CAAT software for risk-based internal audit compliant with international standards for the professional practice of internal audit as updated by IIA from time to time.
More details:View company website