Phase 1 of a full ISO 27001 program
Deliverables:
• Gap analysis against ISO 27001 Clauses 4–10 + Annex A controls
• Initial review of your policies, procedures, and security posture
• High-level discussion of risk context (sometimes a light risk analysis)
• Statement of Applicability draft or guidance
• Final report + implementation roadmap
• Additional advisory calls can be packaged in as well
This package can be scoped to include exactly what you need.
Expert advisory services are available to assist clients with evidence collection, certification audit preparation practices, interpretation of ISO 27001 and ISO 27002 clauses and Annex A controls and their real-world implementation, user-base adoption strategies, and industry best practices.
Assistance in creating documentation that not only achieves ISO 27001 compliance, but also best fits your business model and work culture. ISO has some strict standards, but there is plenty of room to make ISO compliance work in your unique work environment.
Nexus, L.L.C. can conduct the internal audits that are required before the certification audit. We are certified to audit ISO management systems. We cannot provide consulting and auditing services to the same client, as that would be a conflict of interest and would violate the independence requirement in clause 9.2.
Please fill out the Contact Us form, and I will be in touch to answer questions or schedule a meeting to discuss your business needs and ISO 27001 goals.