ISMS consultancy from the people who wrote the standards
Consultancy and training services
IMS-Smart specialises in Integrated Management System (IMS) services. We are particularly expert in ISO/IEC 27001, having helped to write the standard and create the original British Standard (BS 7799-2:2002). We are also experienced in ISO 9001 and ISO 22301.
Critical success factors for operating an ISMS
ISO/IEC 27001 specifies what you must do to achieve conformance, not how to do it. It is like being given the ingredients and told to make a cake, but not being given the recipe. Whilst there are many good recipes, some are much better than others. For success:
It is essential that your project team takes ownership of the ISMS. IMS-Smart’s role is to assist you to do that. We start with a series of tutorials in which you will gain a correct understanding of the ISO/IEC 27001 requirements and how your organisation can fulfil them. Quite soon into the tutorials, the team will be set a variety of tasks to marshal your existing documented information and processes to fulfil as many of the requirements of ISO/IEC 27001 as possible. If required information or processes do not exist, you will be shown how to create them.
As your work on these various tasks proceeds, the tutorial nature of our meetings declines, and the meeting transition into technical review meetings, as illustrated in the figure below. Still later, there will be another transition. Whereas in the first two groups of meetings IMS-Smart is the convenor, tutor and moderator, in this third phase you will be the convenor and IMS-Smart will just be a participant, albeit perhaps in an expert capacity. In this phase you will recognise that your organisation is ready for certification.
Our work can be performed remotely using virtual meeting platforms.
Productised IP-led service for building IMS
Our approach to assisting organisations to develop their ISMS capability is well established – so much so that we can also offer it as a “Productised Intellectual Property-led Service”. This provides an elegant and fast way to construct integrated management systems, and, as explained in our more detailed page, and allows you to extend your ISMS capabilities to other parts of your organisation. This is the approach taken by the Civil Service in Mauritius, and uses the overarching-subordinate concept.
The new PIMS standard (ISO/IEC 27701:2019) augments and refines ISO/IEC 27001 and ISO/IEC 27002. It adds about 50 controls to ISO/IEC 27001 Annex A. The extension assists with demonstrating compliance to the GDPR and is straightforward to implement with IMS-Smart On-Line. We can help you do this.
Management system integration
We can help you integrate your management system with other management systems that you might have or establish an integrated management system capability from scratch. All new and revised management system standards now conform to new ISO Directives concerning high level structure and identical core text, which assists to identify common elements.
Specialist ISMS services
Because of our in-depth knowledge of ISO/IEC 27001 we are able to offer a range of specialist ISMS services including:
We are able to offer you a variety of virtual concerning all aspects of implementing the new breed of management system standards. Some of these courses are part of our PIPS, whilst others are being especially developed to meet market demand.
Your next step
If you would like more information on these services, or you would like to find out what else we can do for you, please do not hesitate to contact us - we’d be happy to help.
you consent to that site setting authentication session cookies
|© IMS-Smart Limited, 2013-21|
|Page last updated: April 2, 2021|