Requirements
- Organizational structures, governance, and workplace practices.
- Information and data systems, documentation systems, and IT fundamentals.
- Audit principles, practices, and techniques in accordance with ISO standards.
- Management system standards and normative documents required for certification.
- Certification Body (CB) processes and procedures.
- Industry terminology, practices, and expectations relevant to the client’s business sector.
- Common products, processes, and operations across industries to understand client context.
- Application of management system requirements to various organizational types.
- ISMS-specific documentation structures and interrelationships.
- Information security management tools, methods, and techniques.
- Information security risk assessment and risk management principles.
- ISMS processes and current information security technologies.
- ISO/IEC 27001 requirements and implementation principles.
- ISO/IEC 27002 controls (and sector-specific standards if applicable), including: Information security policies, Organization of information security, Human resource security, Asset management, Access control and authorization, Cryptography, Physical and environmental security, Operations and IT service security, Communications and network security, System acquisition, development, and maintenance, Supplier relationships and outsourced services, Information security incident management, Business continuity and redundancy planning, Compliance and information security reviews, Legal and regulatory requirements in information security by geography and jurisdiction.
- Information security risks and technologies relevant to the client’s industry.
- The impact of organization size, structure, and governance on ISMS implementation.
- Legal and regulatory requirements applicable to products or services.
Team
Team size: 170+ professionals
Additional Information
- Professional development and certification support.
- Collaborative and remote-friendly work environment.
- Competitive compensation and growth opportunities.
