Information Security Management Standard
The ISO/IEC 27001:2005 Information Security Management Standard (ISMS), also known as the ISO 27001 standard, is used in conjunction with ISO/IEC 27002, the Code of Practice for Information Security Management. ISO 27002 lists the security control objectives and the security controls.
The Virtustream Security Solutions ComplyVision™ solution has been designed to guide audit teams through a structured methodology that strictly follows the ISO 27001 standard and helps prepare the certification package complete with assessment, analysis and documentation. The solution also allows creation, maintenance and reporting of the Plan of Actions (POA) throughout the pre- and post-audit process.
The ComplyVision™ solution provides a full view of your current security posture through self-assessment while breaking down the improvement process into straightforward, manageable and repeatable steps. Using methodical analysis, potential security gaps are identified and addressed with authentic, real-world solutions.
The ComplyVision™ asset module provides comprehensive documentation and also allows you to define the dependencies between systems to create a full knowledge of the Enterprise Architecture (EA). The identification and documentation of the dependencies is the most critical requirement for conducting risk assessment and impact analysis, which in turn are critical for risk mitigation plans including Business Continuity and Disaster Recovery Plans (BCP/DRP).
The ComplyVision™ solution creates a comprehensive and intuitive step-by-step approach to assess your ISMS and preparedness.
For continuous compliance, consider combining the ComplyVision™ solution with the ThreatVision™ solution.
For additional information on how the ComplyVision™ and ThreatVision™ solutions can help you in your preparation of a FISMA C&A package, FISMA audit and Continuous Compliance, please contact our experts at 703.310.6449, or e-mail us at [email protected].