Problem Statement
The CISO wanted to achieve ISO 27001:2013 ISMS certification for the Bank as part of the roadmap to enhance its information security posture and build investor confidence.
Services Delivered
- Conducted a gap assessment against ISO 27001:2013 Requirements
- Developed Policies, Procedures and supporting forms and templates as per ISO 27001 Requirements, Gopalakrishna Committee Recommendations on Cyber Security, etc.
- Developed implementation roadmap and provided Project Management Assistance
- Conducted a comprehensive risk assessment, identified risks across the organization (Banking Operations, Facilities, Human Resources, IT, etc.) and provided recommendations
- Reviewed SDLC practices, IT infrastructure setup etc. and identified opportunities for improvement
- Developed information security awareness material and conducted training for the Senior Management team
Value Provided
- Identified key security risks across the organization, along with remediation measures to address them
- Highlighted the company’s current state, including gaps against ISO 27001:2013 requirements and prioritized recommendations to achieve ISO 27001:2013 certification