Problem Statement

The CISO wanted to achieve ISO 27001:2013 ISMS Certification for the Bank as part of the roadmap to enhance information security posture and build investor confidence

Services Delivered

• Conducted a gap assessment against ISO 27001:2013 Requirements
• Developed Policies, Procedures and supporting forms, templates as per ISO 27001 Requirements, Gopalakrishna Committee Recommendations on Cyber Security etc.
• Developed implementation roadmap and provided Project Management Assistance
• Conducted a comprehensive risk assessment, identified risks across organization (Banking Operations, Facilities, Human Resources, IT etc.) and provided recommendations
• Reviewed SDLC practices, IT infrastructure setup etc. and identified opportunities for improvement
• Developed information security awareness material and conducted training for the Senior Management team

Value Provided

• Identified key security risks across along with remediation measures to address the same
• Highlighted the company’s current state, including gaps against ISO 27001:2013 requirements and prioritized recommendations to achieve ISO 27001:2013 certification