ISO-27002 Compliance Assessment

ISO-27002 Compliance Assessment is an industry-accepted unified framework for performing a risk analysis or gap assessment to determine your current level of compliance.

The Quick Read

Industry-accepted unified compliance and governance framework
Ability to assess your level of compliance, identify gaps and determine risk to your business
International Standard that has achieved worldwide acceptance as a management model for Information Security

Who Needs an ISO-27002 Compliance Assessment?

Companies that want to understand their current level of compliance with an industry-accepted framework that provides coverage for SOX Regulations, FFIEC and GLBA Mandates and HIPAA Standards.
Companies in need of a unified compliance framework for corporate governance.
Companies seeking to reduce risk, document compliance performance, and demonstrate security due diligence to auditors, board members and customers.

What is ISO-27002 Compliance Assessment?

ISO-27002 Compliance Assessment is an industry-accepted unified framework for performing a risk analysis or gap assessment to determine your current level of compliance.

Using a unified framework to perform your compliance assessments offers consistency across all of the various regulatory requirements.

ISO-27002:2005 and ISO-27001 are based on the following twelve key domains:

Risk assessment and treatment
Security policy
Organization of information security
Develop a security strategy
Human resources security
Physical and environmental security
Communications and operations management
Access control
Information systems acquisition, development, and maintenance
Information security incident management
Business continuity management
Compliance

ISO-27002 Compliance Assessment Engagement Process and Deliverables

After an initial call, the Arsenal Security Group Senior Information Security Professional will prepare a statement of work within 2 days, and we can normally begin an engagement within two weeks. During the engagement we will use interviews, questionnaires, physical tours and technical tools to develop our assessment. We usually use 1-2 consultants in tandem with our Senior Information Security Professional to complete an engagement. We will provide an executive summary, a detailed report with all of our findings and recommendations, and a final onsite presentation. Our engagement is not complete until all of our deliverables have been reviewed and accepted by our client.


About Arsenal Security Group
Arsenal Security Group is a security consulting firm that is focused on close client coordination and collaboration. From the initial meeting through the final presentation, one of Arsenal Security Group’s Senior Information Security Professionals will be the primary contact for all engagement activities. We proactively conduct weekly calls with our clients when engaged, and we meet with clients on a quarterly basis to review and understand their security posture, even when we are not actively engaged on assignment, to ensure they are aware of new security risks or regulatory changes that may impact their business.