ISO 27001:2005 standard is the natural evolution of the BS7799-2:2002 standard, a British standard that defines the requirements for an Information Security Management System. The International Organization for Standardization published this standard in October 2005, and it is appropriate for all organizations that aim to implement an Information Security Management System (ISMS).
The principal challenge in implementing an ISMS is in designing and prioritizing actions to be compliant with all requirements established by the standard.
Modulo Risk Manager helps you evaluate your organization’s compliance score by analyzing risks, identifying controls to be deployed, and helping decision makers prioritize actions and investments to comply with ISO 27001.
How Modulo Risk Manager helps your business:
- Provides index- and metric-based risk assessment that helps you measure your organization's level of compliance with ISO 27001
- Supports your organization in obtaining ISO 27001 certification
- Specifies the controls required for your organization to comply with ISO 27001
- Provides best-practices-based recommendations to deploy necessary controls
- Collects and centralizes data related to technology assets (software and equipment) and non-technology assets (people, processes and environment)
- Exploits automated evidence collection technology to increase productivity by up to 70%
- Provides a comprehensive evidence repository
- Tracks risk evolution
- Generates executive reports that enable you to monitor the evolution of control implementation
- Automates the compliance process, allowing regular monitoring with minimal additional effort
