​

Information Security Management Systems (ISMS) and Business Continuity Management Systems (BCMS) - Consulting, Audits and Assessments, Training

 

Information security is our passion.

​

We extend all services related to information security. The domain is very vast and the spread is too much. We help organisations build an ISMS covering all relevant, required elements to suit to their business. 

​

The frameworks and standards we use include, to create an ISMS:

• ISO/IEC 27001:2022

• ISO/IEC 27002;2022

• ISO/IEC 27005:2022

• ISO/IEC 27032:2012

• PCI DSS

• NIST Cybersecurity Framework v2.0

• ISO 22301:2019

• ISO/IEC 27701:2019

 

ISO/IEC 27001:2022 Foundation, Practitioner, Lead Auditor, Internal Auditor Training, PCI DSS Implementer Training

​

GRC Mentor has a host of trainings related to information security / cyber security. Refer to the training page in this portal. The training progams include

• IRCA accredited ISO/IEC 27001;2103 Lead Auditor training

• ISO/IEC 27001:2022 Lead Implementer training

• PCI DSS Implementer training

• NIST Cybersecurity Practitioner / Implementer / Professional level training

​

Information security / ISMS consulting

​

We extend consulting on information security based on ISO/IEC 27001:2013, PCI DSS, NIST Cybersecurity framework.

​

We help organisations create the entire system from scratch and handhold them till certification (if certification is needed) and beyond.

​

Internal Audit, Readiness Assessment, Second Party Audits

​

ISO/IEC 27002:2022 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization.

The objectives outlined provide general guidance on the commonly accepted goals of information security management.

ISO/IEC 27002:2022 contains best practices of control objectives and controls in the following areas of information security management: