NIST / ISO 27001 Compliance

Lunarline provides comprehensive implementation services for ISO 27001. Lunarline is a proven leader in providing Information Security services to government and commercial organizations to meet DoD, NIST and other security standards. ISO 27001 is the international standard for an information security management system and utilizes the security controls of ISO 27002/ISO 17799 to protect an organization’s valuable assets. We provide a unique advantage in helping our customers integrate security controls from ISO 27002 and other standards such as NIST 800-53 revision 3 to meet government requirements. We can also tailor our process to include compliance with the Department of Defense (DoD) Policy 8500, Director of Central Intelligence Directive (DCID) 6/3, ISO/IEC Standard 17799, General Accounting Office (GAO) Federal Information System Controls Audit Manual (FISCAM), and Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) Core Security Requirements.

ISO 27001 is an international standard that not only advises an organization on the security controls to adopt, but sets guidance on establishing a system to implement, measure and monitor those controls to ensure they are effective. ISO 27001 is a management system standard that helps an organization adopt practices and processes to support the protection of assets. This includes requirements related to:

  • Establishing the scope and policy of the Information Security Management System (ISMS)
  • Conducting a Risk Assessment
  • Selecting and implementing controls to protect assets
  • Monitoring and measuring the effectiveness of the controls
  • Documenting the security policies for the organization
  • Establishing document and record control policies
  • Providing information security awareness training to employees
  • Conducting internal audits of the ISMS
  • Establishing a corrective and preventive action system to handle new and potential security breaches
  • Reviewing and reporting the status of the ISMS to top management

EXPERT IN NIST / ISO 27001

Lunarline understands that implementing this type of system is time-consuming and that your internal resources are busy with their primary work. Our goal is to make the implementation easy for your organization by providing the following within our program:
  • We work with you to establish the scope, boundaries and policies of the system
  • We interview your employees to determine the current security policies in place
  • We conduct the risk assessment
  • We develop the security policies based on your practices and controls you wish to implement
  • We work with your employees to assist in the implementation of controls
  • We establish training materials and conduct awareness training with your employees
  • We train your employees on internal auditing and conduct the first internal audit of your system
  • We assist you in data gathering and conducting the first management review meeting
  • We help you resolve any issues and prepare you for the ISO 27001 certification audit

Call us today to learn how you can be certified to ISO 27001 in less than 6 months. Our security specialists are happy to answer any questions and provide a free ISO 27001 overview training to help your organization understand the standard, the implementation process, how ISO 27001 can protect your company’s most valuable assets, and how ISO 27001 certification may win you more Federal and commercial work.


Please email ISO27K@lunarline.com or call 571.481.9300 for more information and a free quote.