ISO 27001 ISMS Advisory

What We Do

What does it mean to be ISO 27001 compliance

Internationally recognized standard

Protect and enhance your reputation

Comply with business legal contractual and regulatory requirements

Internationally recognized standard

Protect and enhance your reputation

Comply with business legal contractual and regulatory requirements

Complying with ISO 27001 aligning with your business goals

Business regulation and business goals are constantly at odds with each other, while business goals are normally trying to push products and services to the clients as soon as possible, regulations tend to slow the process down to achieve better security. Our role as an advisor is to integrate the regulation seamlessly within the business process while maintaining the integrity of your organisation’s information security.

Annual auditing for compliance

Every ISO 27001 certified organization must conduct an audit annually, providing evidence stating the standard has been maintained with the day-to-day operations. MXC consultants with 16+ years of experience in ISO 27001 could assist organizations to prepare the required documentation and evidence for the preparation of an audit.

Client Results

Data Leakage Could be Avoided – Property agency

A Pillar of Application Security – Secure Software Development Life Cycle

Growing Hong Kong financial service group looking to expand their security team in need of cybersecurity knowledge

Our Approach

Phase 1 - Gap Analysis

MXC security professionals will conduct an analysis of gaps in your current system against the requirements of ISO 27001.

Phase 2 - Risk Assessment

This involves meetings and discussions with the key stake holders of your organization. A comprehensive risk assessment is then conducted on the critical information assets, based on which appropriate controls to mitigate the identified risks are selected.

Phase 3 - Risk Treatment

During this phase MXC will formulate a strategy for the implementation of the controls selected in the previous phase. This will include the formulation of Information Security Policies & various procedures supporting the policies.

Phase 4 - Control Implementation

The implementation roadmap, which is the outcome of the previous phase will guide your organization’s team in the implementation of the identified controls. During this phase MXC consultants will advise and guide the implementation team.

Phase 5 - ISMS Readiness Review

This phase will review the readiness of the client to achieve ISO 27001 certification. MXC will guide and prepare the client’s audit team to conduct internal audits.

Phase 6 - Certification audit

Finally, you will face the certification body’s team of auditors. MXC consultants will hand hold your team during the audit and help you in achieving the ISO 27001 certification.