GLBA News

Security Management Partners Announces ISO Compliance Consulting Services

(Sept 05, 2007)-- Security Management Partners (SMP), an independent information security consulting firm, announced details of its ISO Compliance consulting services. SMP is one of the few information security consulting firms in the U.S. to have completed the intensive training required by certification bodies and to facilitate the ISO/IEC 27001:2005 registration process.

ISO 27001:2005 is an information security management system standard that was published by the International Organization for Standardization and the International Electrotechnical Commission in October 2005. It is intended to be used in conjunction with ISO 17799, the Code of Practice for Information Security management, which lists security control objectives and recommends a range of specific security controls. Certification against ISO/IEC 27001 warrants an organization's Information Security Management
System as closely aligned with the standard.

James P. Achille, President of Security Management Partners, stated, "Achieving and maintaining ISO 27001 is an ongoing journey that requires continual guidance by a trustworthy, independent third-party, such as SMP.
We have significant ISO expertise and are one of the few consulting firms in the country to have completed the rigorous training required to support ISO 27001 certification."

SMP's ISO Compliance consulting services can be contracted on a selective or total engagement basis. This comprehensive offering includes preparation or review of the implementation plan; management of the progress of one or all aspects of the implementation plan, such as information management security system development, documentation, employee training, procedure execution, internal audits, etc.; selection and
scheduling of the Registrar; preparation and counsel for the management review meeting; onsite support for Registrar audits and related guidance;and resolution of ISO-related issues as required.

Achille continued, "ISO certification can be instrumental in a number of areas -- not only does it improve overall organizational efficiencies, it ensures stakeholders, partners, suppliers and customers that the company
adheres to best practices. It also reduces liability risks and helps align with other requirements, such as HIPAA, Gramm-Leach-Bliley and Sarbanes-Oxley."

As of January 2, 2007, 42 ISO 27001 certificates were issued in the United States. Among certified organizations are entities such as CitiGroup, World Bank, United Nations and Federal Reserve Bank.
Certification is rapidly extending to a wide variety of organizations across industries such as healthcare, financial services, manufacturing, technology and telecommunications.

Share or bookmarklet this web page at: