Treadstone 71 ISMS, ISO27001/2, and ISO27005 Services cover the areas necessary to prepare you for the ISO27001 audit and subsequent certification.  Treadstone 71 teaches what to expect from an auditor and how to pass the certification on a yearly basis.  Using a holistic approach to assessing your risk through a standard ISO27001 gap analysis, Treadstone 71 examines people, process, and technology ensuring you start small while preparing for significant expansion in your ISO27001 program. If you are preparing for an assessment, an audit or looking to baseline your environment, you will find no other organization with the experience and expertise than Treadstone 71.  We don't go finding independent contractors to short term work. We deliver the solution ourselves.  We offer rapid risk assessment approaches as well as in depth assessments that analyze your posture and operational maturity.

Are you finding that companies are bombarding you with questionnaires on your security posture?  A ISO27001 Certification can significantly alleviate much of this pain, improve your overall security posture and drive efficiencies in your IT environment.  Treadstone 71 provided oversight to a ISO27001 certification effort that resulted in a successful audit and the awarding of a multi-million dollar contract as a direct result of the certification.

Treadstone 71 measures risk through practical analysis of your control objectives identifying processes and procedures that are critical to the success of your ISO certification effort.  Through the practical application of countermeasures (we do not use a sledgehammer to push in a tack), Treadstone 71 takes you through the process of scoping, the statement of applicability, assessment, document, training, controls implementation and eventual certification. The process is proven!

If you don't have a risk management framework, we can assist in developing one that fits your environment.  Updates to policies, and procedures, infosec organizational improvements, asset identification and configuration management through to access control and technology acquisition and continuity management, Treadstone 71 uses the framework of the auditors to prepare you for your certification audit.

We cover all ISO27001/2 clauses and domains while educating you on the audit process leaving no stone unturned.

Contact us today to find you how you can get started.

ISO27001 Lead Auditor Training is available at attractive rates through our partner Veridion

• To understand the fundamental concepts and practices of ISO 27001 audits based on ISO 19011.
• To understand the application of an Information Security Management System (ISMS) in the context of ISO 27001:2005 and the relationship of the ISMS, including risk assessment and controls, to information assets belonging to the organization, its customers, and its partners.
• Become proficient in the role of an auditor, in order to: plan, conduct, report, and follow up with an audit in accordance with ISO 19011 and ISO 27001.
• To develop proficiency in using audit techniques and methodologies and be familiar with current tools.
• To develop the students' ability to orally present audit results in a coherent, dynamic, and systematic fashion and to write audit reports. To know how to provide direction and guidance to audit team members and prevent and resolve conflicts during an audit.

Copyright 2002 Treadstone 71 info@treadstone71.com  1-888-687-8450 Office - 508.519.0363 Fax

ISO17799, OCTAVE, CISSP, CISM, Sarbanes Oxley, SOX, CobiT, 27001, ISMS, ISO-27001, ISO 27001, ISO27001, 27005, 27002, GRC, prevention, 17799, proactive, FISMA, defense in depth, arabic, jihadi, cyber jihad, cyber terrorism, holistic security, 201 CMR 17, governance, risk, compliance, Jeff Bardin, Wireless Security, CMM, ITIL, ITSM, Sarbanes Oxley, security awareness, risk, threat, threat matrix, security metrics, ISO1779 training, 21 CFR 11, NSA IAM, BITS, risk management, security in the sdlc, secsdlc, security program, security strategy, business impact analysis, Treadstone 71, bourne, CISM, penetration testing, risk, GRC, detective controls, preventative controls, HIPAA, GLBA, Graham-Leach-Bliley, SAS 70, intrusion detection, interim CISO, interim CIRO, CIRO, CISO, chief security, FFIEC, financial services, trust, continuity, risk assessment, maturity, vulnerability scans, data classification, assessments, disaster recovery, homeland security, security metrics, rosi, roi, training, security posture, threat vulnerability pairs, vulnerability management, security services, information security, risk management, business risk, controls, holistic security, defense in depth, Governance, Risk and Compliance, information risk management