Back

Coral assisted Nitor achieve ISO 27001 2022 implementation

Coral assisted Nitor achieve ISO 27001 2022 implementation
Sep 9, 2024

Coral advised Nitor Infotech to implement ISO 27001 2022 requirements

 

Nitor Infotech is in the business of software development and associated services with office in Pune, India

 

Coral assisted Nitor in upgrading from ISO 27001:2013 to ISO 27001:2022.

 

Here are the key steps Coral implemented

 

Understand the Changes: Coral explain the new requirements to the client that made them aware of the new changes.

 

Gap Analysis

 

  • Coral performed a Gap Analysis: Coral compared the current ISMS (Information Security Management System) against the requirements of ISO 27001:2022.

 

Updated Risk Assessment

 

  • Review Risk Assessment Approach: Coral updated the risk assessment methodology enabling alignment with the updated controls and risk landscape.
  • Incorporate New Controls: Coral Integrated the new controls from Annex A into the risk assessment, ensuring they are applied where necessary.

 

Updated ISMS Documentation

 

  • Update Policies and Procedures: Coral revised existing policies, procedures, and other ISMS documentation to reflect the new requirements and controls.
  • Update Statement of Applicability (SoA): Coral modified the SoA to map the new and updated controls, justifying their inclusion or exclusion based on your risk assessment.
  • Update Control Implementation: Coral assisted in implementing the new required controls, and adjust existing controls to meet the revised requirements.

 

Training and Awareness

  • Training: Coral educated relevant personnel on the changes in the standard and how it affects their roles. Coral ensured the team is aware of updated controls and processes.
  • Raise Awareness: Coral conducted awareness sessions on the changes to ensure all employees understand the updated security measures.

 

Internal Audit

  • Revised Audit Criteria: Coral updated the internal audit processes and checklists to reflect the new standard requirements.
  • Conducted Audits: Coral carried out an internal audit to verify that your updated ISMS is compliant with ISO 27001:2022.

 

Management Review

  • Conducted a Review: Coral assisted top management reviews the updated ISMS, including changes made to align with ISO 27001:2022.
  • ISMS Performance: Coral assessed how well the ISMS is performing after implementing the updates, focusing on any identified risks and new controls.

 

By following these steps, Coral ensured a smooth transition from ISO 27001:2013 to ISO 27001:2022 while maintaining the integrity and effectiveness of Nitor ISMS.

 

 

ISO 27001 2022 Implementation
Consulting Overview
Cyber Security/Cloud Security
AI Management System
AICPA
Privacy & Security
Health Information Security
Automotive Cyber Security
Business Continuity
Integrated Management System
Enterprise Risk
IT Governance
Quality Management
Environmental Management
Internal Audits
Contact Us
CORAL eSecure CORAL eSecure

© 2024 www.coralesecure.com. All rights reserved | Privacy Policy