The Method

IS2ME starts by evaluating the security of the organization by collecting information through interviews with staff, field tests and technical analyses. This information is then compiled in a report that states the level of implementation of the different security measures. A proposal for an action plan is produced from it. After the approval of the plan by top management, it is developed and implemented, establishing a basis for complying with and deploying the Information Security Management System according to ISO 27001.

IS2ME follows a holistic and extremely practical oriented approach which allows the user a simple and immediate application, just by following a sequence of well defined phases. They are showed in the next graphic and will be described in the following sections.