Information Security Mgmt. (ISO 27001)


    Engaging employees, customers, and partners in a seamless engagement platform for Information Security

  • Connecting employees at all levels

    LIVE feedback and feed-forward process for information security management

  • Information Security Management

    Responsive and Agile: LIVE Information Security Management Platform

22 Critical Success Factors for Information Security Management (ISO 27001:2013)

  • Organizational Context

    • Understanding the Organisational Context
    • Understanding Stakeholder Expectations
    • Scope of Information Security Management System
    • Information Security Management System
  • Leadership

    • Leadership and Commitment
    • Information and Security Policy
    • Organisational Roles, Responsibilities, and Authorities
  • Planning

    • Actions to address Risks and Opportunities
    • Information Security Objectives and Plans
  • Support

    • Resources
    • Competence
    • Awareness
    • Communication
    • Documented Information
  • Operations

    • Operational Planning and Control
    • Information Security Risk Assessment
    • Information Security Risk Treatment
  • Performance Evaluation

    • Monitoring, Measurement, Analysis, and Evaluation
    • Internal Audit
    • Management Review
  • Improvement

    • Nonconformity and Corrective Action
    • Continual Improvement

The ISO 27001:2013 international standard on Information Security has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The adoption of an information security management system is a strategic decision for an organization. The establishment and implementation of an organization’s information security management system is influenced by the organization’s needs and objectives, security requirements, the organizational processes used and the size and structure of the organization. All of these influencing factors are expected to change over time.

The ISO 27001:2013 Information Security Management Assessment Module within Performax is designed to help organisations ensure continuous compliance to the standard, based on LIVE employee feedback on the key components of the standard. In addition, it presents advanced analytics and collaborative action planning capabilities. There is a 30-day free trial (max. 10 users) available for new customers.

The assessment module can be customised and implemented within 2-3 hours. The initial round of feedback from stakeholders may take 1-2 weeks. Reports are generated in real-time. So, within 2-4 weeks, you’ll be able to ‘sense and respond’ to information security issues, and take action on innovative improvement ideas.

The ISO 27001 information security management system preserves the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed. It is important that the information security management system is part of and integrated with the organization’s processes and overall management structure and that information security is considered in the design of processes, information systems, and controls. It is expected that an information security management system implementation will be scaled in accordance with the needs of the organization. This International Standard can be used by internal and external parties to assess the organization’s ability to meet the organization’s own information security requirements.

Carrying out the Information Security (ISO 27001:2013) assessment through Performax allows you to engage key internal employees and external stakeholders (customers, partners, etc.) in a LIVE feedback and feed-forward process. Gain multi-stakeholder insights on the 22 critical success factors, derived from the ISO 27001:2013 standard, relevant to your Information Security Management program.

With Performax, organizations can engage employees, partners, suppliers, and customer focus groups in evaluating its effectiveness, strengths and weaknesses, and capturing ‘ideas for action’ for Information Security Management. Using ISO 27001:2013 helps ensure that products and services are produced in a way that follows the highest standards of information and data security, which in turn brings many business benefits.

Performax provides a LIVE employee feedback and engagement platform for Information Security (ISO 27001:2013).

Let’s have a chat!