Solution Description
TalPoint provides hands-on guidance and implementation designed to meet the requirements of the ISO 27001 standard. The services prepare an organization to undergo a certification by an accredited ISO 27001 certification body by implementing an Information Security Management System (ISMS).
Who Can Use This?
ISO 27001 is the de facto standard for creating and managing an ISMS. Certification to the standard is the most broadly and globally accepted attestation of an organization’s internal security control structure. Any service organization can benefit from an ISO 27001 certification, especially those who conduct business globally. ISO 27001 is also a great next step for organizations who have already achieved compliance to the SOC 2 Trust Service Criteria and wish to expand the scope and maturity of their security and compliance program.
What’s Included
- Creation of a Statement of Applicability to determine the scope of ISO 27001 compliance
- Customization and implementation of the ISO 27001 Annex A control set
- An ISO 27001 internal readiness audit
- Identification of necessary remediation activities
- Setup of ongoing activities required for ongoing and re-certification (Clause 9.2)
Additional add-on services include:
- Implementation of TalPoint policy set
- Managed ongoing internal audit services
- External audit liaison services
Solution Delivery
Services are delivered remotely by experienced TalPoint experts. On-site services can be delivered at an additional cost to accommodate necessary travel and expenses.
Pricing Model
Services are delivered at a Fixed-Price model and based on defined outcomes. Exact pricing is dependent upon the scope of the environment being assessed for ISO 27001 compliance.