Contact us

Case Study - ISO27001 Re-certification Readiness

A financial services firm dedicated to managing sensitive customer information and financial transactions.

Client
Undisclosed
Service
Cybersecurity

The Challenge:

To prepare for ISO27001 re-certification. The client aimed to ensure compliance with ISO27001 standards by conducting an internal audit, reviewing policies and procedures, performing a vulnerability audit, conducting a secure configuration audit against CIS benchmarks, and organizing security awareness sessions.

The Solution:

  • Ensure compliance with latest version of ISO27001 ISMS standard.
  • Identify and mitigate vulnerabilities in the IT infrastructure.
  • Review and update existing policies and procedures.
  • Ensure secure configuration of systems in line with CIS benchmarks.
  • Enhance employee awareness of security practices.

Overcoming challenges:

  • Internal Audit Report: Comprehensive audit findings, non-conformities, resolutions, and evidence of compliance.
  • Updated Policies and Procedures: Revised policies, updated procedures, employee feedback integration, and communication records.
  • Vulnerability Audit Report: Scan results, vulnerability categorization, remediation actions, and post-remediation findings.
  • Secure Configuration Audit Report: Inventory, CIS benchmark comparison, deviations, remediation actions, and final configurations.
  • Security Awareness Training Materials: Training agendas, schedules, content, attendance records, and feedback summaries.
  • Compliance Documentation: Complete ISMS documentation, risk assessments, continuous monitoring records, and review updates.
  • Management Review Meeting Minutes: Agendas, discussion records, decisions, action items, and follow-up tracking.
  • Recertification Readiness Report: Summary of preparatory activities, readiness assessment, recommendations, and presentation for management.

The ISO27001 recertification readiness project ensured compliance through a comprehensive internal audit, updated policies, vulnerability and secure configuration audits, and security awareness training. This resulted in mitigated vulnerabilities, securely configured systems, and enhanced employee security awareness, positioning the client for successful ISO27001 recertification.

What we delivered

  • Governance and Compliance
  • Risk Assessment
  • Vulnerabilty Assessment
  • Configuration Review
Staff
50+
Endpoints
32+
Project value
$54K

More case studies

iGA leads GoB migration to the cloud

iGA is committed to providing digital integrated services, government statistics, developing systems, and adopting the latest trends in the ICT field.

Read more

Sijilat in the cloud

Sijilat is Bahrain's commercial registration system, streamlining business establishment and management through efficient online services.

Read more

Tell us about your project

We’d love to hear about your project and how we can help bring it to life. Drop us a message and we’ll get back to you.

Say Hello