Manage your information security
Every company will have a different level of ambition in connection with information security and ISO 27001. Globeteam helps you achieve information security management that fits your company’s particular needs, while also ensuring efficiency throughout the process and continuous improvement.
There are various levels of engagement that a company may have with ISO 27001:
Stages of a typical ISO 27001 project
Our involvement in an ISO 27001 project will, of course, be tailored to your specific project objectives. There are a number of common stages in most projects, however, such as:
Specially trained compliance consultants
Our compliance services are only delivered by consultants who have completed formalised training within information security and data protection/GDPR and/or are certified within these areas.
Due to their longstanding practical experience, the consultants, of course, also have a business approach to solving the task. This ensures that the solutions we come up with are specifically adapted to your company.
Among others, international and national training/certifications include:
Why should you comply with ISO 27001?
The many different and complex requirements within information security make it increasingly necessary for companies to implement a “management system” for IT security work. ISO 27001 is an international management system, and it has the advantage of being the de facto standard in Denmark and the rest of Europe, which makes it easy to find help and assistance for security work.
Many clients are now directly or indirectly dependent on their providers being able to manage IT security and also document it. So much so that this is becoming an increasingly common requirement in provider management and is incorporated in collaboration agreements, often in the form of a requirement about product responsibility insurance. To aid transparency in these scenarios, requirements are commonly set out as compliance with a standard. In most cases, this is ISO 27001.
Apart from giving clients the assurance that IT security is being managed correctly under an ISO standard, the standard also gives the company’s management and employees a tool for determining appropriate security levels and future management. They can be sure that information is handled and protected in the right way to lower the risk of security violations. This method is not just about ensuring that the management and employees become involved in relevant decisions; it also future-proofs the business and strengthens competitiveness.
GDPR and ISO 27001
The ISO standard provides useful and relevant guidelines for the management of information security and is a really good foundation for all organisations that want to work with this in a professional and structured way. However, use of the standard is not a guarantee that you are acting in accordance with the rules that the EU Data Regulation and the Privacy Law set out.
When you implement a management system like ISO 27001, there are many things you have to decide, including which areas of the law the system should incorporate. It is therefore important that you take into account the relevant legal requirements that apply to the company, be that GDPR, financial laws, health laws, administrative laws, etc.
What is ISO 27001?
ISO 27001 is the result of a global collaboration involving thousands of experts within information security. The standard itself is a long document describing the areas that you as an organisation should review and assess in connection with your work in information security.
The ISO standard includes a predictable structure and recommendations for how to plan, implement and manage your work with information security in areas such as: