The risks in the field of cyber security are constantly changing. To avoid surprises, it is important to develop and continuously optimise security management.
Certifiable standard ISO 27001
The basis for the security implementation plan is ISO 27001. This is the only certifiable international standard that defines the requirements for an information security management system. The regular assessment process helps you continuously improve your security. Part of the plan is GDPR compliance.
The environment, and therefore the privacy risks, changes continuously. That is why one-off measures are not enough. Qbit helps by setting up a management system so that you keep your privacy under control and it stays at the required level.
We use existing methods and procedures and ‘best practice’ documents. This way we ‘kick-start’ the project with immediate and tangible results. We actively involve your employees in the project. In addition, a successful implementation requires management support, good communication and a structured approach.
Qbit uses different standards and/or control frameworks as a basis for the security implementation plan. This depends on your business. Qbit always uses ISO 27001 to implement a management system to design, implement, monitor, evaluate and adjust security measures. Examples are:
- ISO 27002
- NEN 7510 (Dutch healthcare)
- CobiT (financial institutions)
- IT security guidelines for web applications from the NCSC (IT service providers)
- NIST cyber security framework
Our approach consists of several modules that can be purchased together or individually:
- Risk Assessment or Privacy Impact Assessment
- Security quick scan (gap analysis)