IS2ME

The Method

IS2ME starts by evaluating the security of the organization by collecting information through interviews with staff, field tests and technical analyses. This information is then compiled in a report that states the level of implementation of the different security measures. A proposal for an action plan is produced from it. After the approval of the plan by top management, it is developed and implemented, establishing a basis for complying with and deploying the Information Security Management System according to ISO 27001.

IS2ME follows a holistic and extremely practical oriented approach which allows the user a simple and immediate application, just by following a sequence of well defined phases. They are showed in the next graphic and will be described in the following sections.

Introduction Objectives The Method

Identification of Liaison Representative

General Data Collection

Technical Data Collection

Information Analysis

SEIS Report

SEIS Report Presentation

IASAP Document

IASAP Document Presentation

IASAP Implementation

Conclusions