
ISMS Continual Improvement Process

 

What Do Organizations Do after ISMS Certification?

What Happens after ISMS Certification is achieved?

  • No Reports Maintained
  • No ISMS Compliance
  • No ISMS Trainings
  • No Risk Assessment
  • No Real Time Vulnerability Management
  • No regular penetration tests
  • No Physical Security & Fire Safety Maintenance
  • No Security Incident Management
  • No BCP Tests
  • No Regular Audits

End Result

  • Total Breakdown of ISMS System
  • Weak Security Posture
  • No Business Resilience
  • Customer Confidence Lost
  • Risk to Information Increases
  • Reputation Loss
  • Failure in Certification Audits

What Happens During Audit

  • VAPT Audits are not conducted
  • I don’t have BCP & other Periodic Test Reports
  • How to arrange all the reports for all the departments, which they have not adhered to
  • We have not conducted ISMS Review Meetings & MRMs
  • Periodic Audits are not conducted
  • We have not closed last year’s Audit Findings

You need an ISMS Team

Total Cost of Ownership of In-house Team

Our ISMS Maintenance Services

Once the ISO Standard is implemented, the organization is required to undergo periodic maintenance and audits to ensure that the system is maintained on a real-time basis and that compliance remains effective. The deliverables of our maintenance services are:

  • Keeping the site ready for security audits based on ISO 20000 Standards on a real-time basis.
  • Conducting internal security audits, including surprise audits and scheduled audits.
  • Conducting periodic ISMS & Management Review Meetings as per the periodicity.
  • Monthly ISMS Dashboard compilation as per ISO 20000 Standard requirements.
  • Monitoring ISO 20000 compliance and legal requirements for all the processes.
  • Monitoring the Risk Management Process to mitigate risks with appropriate risk treatment.
  • Monitoring the ISMS Objectives of the organization and highlighting the issues that affect the achievement of objectives.
  • Conducting VA-PT for 5 IPs every quarter & 1 Web Application (20 pages) annually.
  • Monitoring the vulnerability reporting and patching mechanism and suggesting the appropriate mitigation action.
  • Training the Trainers every six months or on any new changes in the policies, and providing certification to 1000 employees.
  • Monitoring the Information Security Incident Management Process and verifying the efficacy of root cause analysis of security incidents.
  • Keeping all required controls, reports and matrices of all the related departments ready as per the ISO 20000 standard.
  • Monitoring the BCP Tests & Fire Drills conducted as per the periodicity by the client’s respective teams.
  • Suggesting improvements to the security posture of the organization to the Management on a regular basis.
  • Closing the audit observations along with corrective and preventive actions.
  • Interacting with CBs & clients for all upcoming audits and closing the audit findings.
  • Helping in filling up RFPs of various clients and attending client meetings / conferences.

Our ISMS Maintenance Schedule

| Periodicity | Resource |
|---|---|
| Daily Compliance Adherence | Offsite daily Monitoring by GIS Team for daily compliances via mail alerts |
| Weekly Compliance Check | Offsite Monitoring & Review by one Sr. Resource for all Departmental Compliances |
| Monthly Compliance Dash Board | Onsite Presence of GIS Security Manager once a month. |
| Quarterly VAPT / WAPT | Onsite presence of Senior Resource to conduct VAPT |
| Half Yearly Audits | Onsite Presence of Senior Resource for Half Yearly Audits |
| Yearly BCP Drills | Yearly BCP Tests |

Your Virtual ISMS Team

Total Cost of Outsourcing ISMS Function to us

Benefits of Outsourcing ISMS Function to us

The benefits are as follows:

  • Real-time ISMS compliance, thereby creating an audit-ready environment.
  • Saves the cost of expensive ISMS resources.
  • Saves the productive time of your operations teams & costly resources that participate in ISMS adherence & audit preparation, hence “Increasing Productivity”.
  • 100% availability of the ISMS team due to backup team availability.
  • High customer confidence, thereby increasing business stability and the possibilities of winning new opportunities.
  • Your clients’ infosec queries are answered ahead of time.

Case Study : Panasonic India Pvt. Ltd.

Client Name: Panasonic India Pvt Ltd. (Corporate Office)

Client Address: 12th Floor Ambience Towers, Gurgaon

Industry Type: Consumer Electronics Goods Manufacturer

Client Requirement:

1. ISO 20000 Compliance.
2. Security Compliance from Parent company in Japan
3. Security Audit Readiness.
4. VA-PT Compliance.
5. Awareness Trainings.

Solution Provided:

1. Deployed one senior resource
2. Weekly Visits for compliance checks
3. Quarterly ISO 20000 Audits Conducted
4. VA-PT Conducted Half Yearly
5. Yearly Certification Audits.

Case Study : Sandhar Technologies

Client Name: Sandhar Technologies Ltd. (Corporate Office)

Client Address: Plot no.13, Sec -44, Gurgaon

Industry Type: Automobiles

Client Requirement:

1. ISO 20000 Compliance.
2. Client RFPs and Audits
3. Security Audit Readiness.
4. VA-PT Compliance.
5. Awareness Trainings.

Solution Provided:

1. Deployed one senior resource
2. Weekly Visit for compliance checks
3. Quarterly Audits Conducted
4. VA-PT Conducted Quarterly
5. Yearly Certification Audits.

Case Study : Usha International Ltd.

Client Name: Usha International Ltd. (Corporate Office)

Client Address: Plot No. 15, Sec-32, Gurgaon

Industry Type: Consumer Electronics Goods Manufacturer

Client Requirement:

1. Cyber Security Audit Readiness.
2. VA-PT Compliance.
3. Awareness Trainings.

Solution Provided:

1. Deployed one senior resource onsite.
2. Daily Visits for compliance checks
3. Deployed Offsite & Onsite resources for VA-PT.
4. VA-PT Conducted Half Yearly

Case Study : ELI Research

Client Name: ELI Research (Corporate Office)

Client Address: Sec 28, Faridabad

Industry Type: Market Research

Client Requirement:

1. Cyber Security Audit Readiness.
2. VA-PT Compliance.
3. Client Audits & RFPs.

Solution Provided:

1. Deployed one senior resource onsite.
2. Daily Visits for compliance checks
3. Deployed Offsite & Onsite resources for VA-PT.
4. VA-PT Conducted Half Yearly

Case Study : Lets MD

Client Name: Medbay India Pvt Ltd. (Corporate Office)

Client Address: Sector – 3, Noida

Industry Type: Medical Insurance

Client Requirement:

1. ISO 20000 Compliance.
2. Security Audit Readiness.
3. Regulatory Compliance from CIBIL for Cybersecurity.
4. VA-PT Compliance.
5. Awareness Trainings.

Solution Provided:

1. Deployed one senior resource
2. Fortnightly Visit for compliance checks
3. Quarterly Audits Conducted
4. VA-PT Conducted Quarterly
5. Yearly Certification Audits.

Brands Which Trust us

We, along with our industry experts, have been instrumental in providing consultation to a reputed client base for achieving their goals in standardizing their management processes. A few of the clients are mentioned as under:

Contact Us

Toll Free:-

1800 212 676767

+91- 9990587147

+91- 7982238384

Canada Office : 255, Prescott Avenue, Toronto, ON M6N3G9, Canada.

Middle East Office :- #49, B Ring Road, Al Muntazah, Doha, Qatar, PO Box: 206 170

United States :  13731 Monarch Vista Dr Germantown MD 20874

Corporate Office : Level 2, Augusta Point, Sector 53, Golf Course, Gurgaon-122002

Registered Office : Plot No. 144,  3rd Floor, Pocket-11, Sector – 24, Rohini, Delhi

Testimonial

What people are saying

Jaspal Singh

Outstanding and inexplicable services were received by us as a Stellar from GIS consulting team for the ISO 27001 implementation and Cybersecurity. It would, indeed, have become a major hurdle for us to obtain this most desired certification if we hadn’t been accompanied by this incredible consultancy team of professionals. To be honest, the team members present in GIS consulting team are extremely highly knowledgeable, professional and skilled. A special and big thanks to Mr. Naveen Dham, for being with us every time we struggled while implementing any stuff related to infosec. Hats off.

Jaspal Singh, Sr. Quality & Compliance, Stellar Data Recovery,
Ashish Agarwal

The strength of Global IS Consulting lies in their team of seasoned professionals led by their CEO, who has helped Interglobe in strengthening its security posture by conducting regular vulnerability assessment and penetration testing to help us secure our environment.

Ashish Agarwal, Assistant Manager, Interglobe Enterprise Ltd,
Aditya Khullar

Thanks to the Cybersecurity Team of Global IS Consulting, who have been instrumental in protecting us from the latest cyber threats through their extensive penetration testing done on our networks and financial web portals. We appreciate the remediation actions implemented by the team to make us compliant with the PCI DSS Standard.

Aditya Khullar, Manager Information Security, Interglobe Enterprise Ltd.,
Sandeep Chauhan

Global IS Consulting is one of the most professional and committed consulting organizations that we have come across. Helmed by Mr Naveen Dham, the company efficiently and effectively built a Management System based on IS 27001:2013 standard for our organization. The best part was the level of involvement and keen participation in all the activities pertaining to the certification process of the organization.

Sandeep Chauhan, DGM Quality, PL Engineering (Punj Lloyd Group),
Amandeep Bawa

Thanks to the CEO of Global IS Consulting for helping us achieve ISO27001 Certification by in-depth implementation and maintaining it for the last 5 years in a row. Appreciate the professional approach, dedication and massive knowledge carried by the team.

Amandeep Bawa, IT Head, Panasonic India Pvt Ltd, Corporate Office Gurgaon,
Durgesh Upadhyaya

We appreciate the support provided by the CEO of Global IS Consulting, Mr. Naveen Dham, for helping us achieve ISO 27001 and the ISMS maintenance provided every year for real-time compliance to the ISO 27001 standard.

Durgesh Upadhyaya, Admin Head, Panasonic India Pvt Ltd, Corporate Office Gurgaon,
Navjeevan Kumar

Global IS Consulting is a group of experienced, talented and committed professionals. The CEO of the organization with his team has always shown his best in every project handled by them in the past. He has been instrumental in certifying our client Aircel for ISO 27001:2013 and maintaining it for the last 3 years.

Navjeevan Kumar, Head Infra, Wipro Infotech Ltd.,
Sandhya Khamesra

The CEO of Global IS Consulting, Naveen Dham, is very professional in his work. He has an in-depth knowledge of ISO 27001, PCI DSS, ISO 20000 and various other IT Standards and is able to quickly adapt the requirements of the standards required with what the client wants to accomplish, resulting in a lot of value addition to the clients. He has a wide variety of implementation scenarios in his background that he can draw information from. We highly recommend Naveen for any ISMS, ITSMS, PCI DSS and cybersecurity consultation projects.

Sandhya Khamesra, North Business Head, BSI Group,
Rumila

Hats off to CEO of Global IS consulting who has been maintaining our ISO 27001 & ISO 20000 standard maintenance since our inception. Their Cybersecurity experts have been instrumental in protecting us from latest cyber threats through their extensive penetration of our network and patching them in time.

Rumila, Senior Vice President, Silaris Informations Pvt. Ltd.,

GIS Consulting was incorporated with Mission to Empower Customers, effectively manage their "Digital Assets", to protect, comply and grow the business profitably, in the Data, Network and Application (DNA of every business) protection and management space.

Get in touch with our experts for all your Information Security Needs.
