Compliance Assessments

We assist organisations in implementing an ISMS based on good practices and international standards. Organisations are required to obtain independent certification of their information security management systems against the ISO standard. The ISO 27000 suite of standards specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System (ISMS), using a continual improvement approach. We help organisations prepare for certification by performing risk assessment and gap analysis and by designing an integrated ISMS covering all the domains described in the standard:

Information Security Policies
Organisation of Information Security
Human Resources Security
Asset Management
Access Control
Physical and Environmental Security
Operations Security
Communications Security
Systems Acquisition, Development, Maintenance
Supplier Relationships
Security Incident Management
Business Continuity


ISO 27001:2013
ISO 20000
PCI-DSS 3.1/3.2
COBIT 5 Review and Implementation
Dubai-ISR Applicability Review
ADSIC ISS 2.0 Review
NESA Assessment
ISA/IEC 62443