You are here: Home / Clients / Completed Projects / Assessment of Bank ISMS Compliance with ISO 27001

Assessment of Bank ISMS Compliance with ISO 27001

Assessment of Bank ISMS Compliance with ISO 27001

In 2008 GlobalTrust completed assessment of compliance of information security management system (ISMS) of one of the largest Russian banks with ISO 27001 requirements. The Bank has started implementation of ISO 27001 reflecting the best practices in the sphere of information security management long ago. Receipt of international type ISO 27001 compliance certificate will positively influence the image of the Bank and attitude of shareholders.

In the course of this project GlobalTrust specialists performed the following work:

  • Analysis of ISMS documentation
  • Analysis of existing IS management processes and signs of ISMS functioning
  • Assessment of completeness and effectiveness of IS measures taken in the organization
  • Interviews with ISMS personnel, assessment of competence and awareness level
  • Analysis of inconformity with ISO 27001 requirements
  • Preparation of expert opinion on ISMS compliance with ISO 27001
  • Development of recommendation on elimination of existing defects and assurance of compliance with ISO 27001

 

GlobalTrust experience in the sphere of implementation, preparation and holding of ISO 27001 certification of ISMS and close and long-term partner relations between GlobalTrust and the British Standards Institution (BSI), the developer of this international standard and global leader in the sphere of management system certification, contributed to the quality of work performed.
GlobalTrust was one of the first companies in Russia dealing with implementation and certification of organizations' ISMS since 2005. GlobalTrust is also an authorized distributor of BSI, developer of Russian versions of international standards on information security and business continuity management; it also has the status of BSI Registered Member.

The results of this work will allow the Customer to develop and implement the plan for preparation to ISO 27001 certification.