Menu
ISO 27001 - Information Security Management

ISO 27001 - Information Security Management

Ensure confidentiality, integrity, and availability to information assets critical to the Company

Evaluate and manage risks
Protect the data
Protect the data

Ensuring the security of confidential and personal information and intellectual property through the introduction of technical, procedural, and physical controls

Improve corporate culture
Improve corporate culture

The introduction of the standard helps employees to better understand the risks and take care of safety into their daily routine.

Increase credibility
Increase credibility

By introducing the standard, the company shows that it considers international best practices, which increases the credibility of the brand

Analysis of the current situation

At the initial stage of implementation of ISO 27001, it is necessary to carry out an error-analysis of current systems. As a result of the assessment of the situation, the company will receive information about the level of security, which will allow it to pay proper attention when planning a strategy that should be in line with the business needs and goals.

 Analysis of the current
Risk
Risk assessment

Information security risk assessment is the most critical stage in the implementation of ISO 27001, during which a register of information assets is created, risks are identified, analyzed, and evaluated. The risk assessment methodology should include:

  • Company security requirements
  • The scale of the risks
  • Acceptable level of risks

 

Risk
Book a meeting and learn more about ISO 27001
Book a meeting and learn more about ISO 27001
Risk management

In this phase, the BDO Digital team will develop a strategy for implementing the control mechanisms selected at the risk assessment stage. The risk management strategy is based on the following principle:

  • Risk reduction
  • Risk acceptance
  • Risk transfer/insurance
  • Risk avoidance
 Risk
Implementing control
Implementing control mechanisms

In accordance with the risk management strategy, the company implements the necessary policies/procedures for information security management and effective control mechanisms. All of this will enable the company to ensure the confidentiality, availability, and integrity of critical information assets.

Implementing control
Head of Cyber and Informational security department

More than 8 years of experience in the field of information security. Has been leading cyber and information security management system in BDO for 2 years. At the time, under his leadership, the international standard for information security management ISO / IEC 27001: 2017 was implemented.

Anzor Mekhrishvili

  • Amekhrishvili@bdo.ge
  • 598212007
  • Linkedin
  • Get acquainted with the trends and news