troubleshooting Question

Control assessment for a small / medium company

Avatar of Goraps
GorapsFlag for Canada asked on
* iso27001* pci complianceSecurity
11 Comments1 Solution80 ViewsLast Modified:
I've been asked to source the below for a small / medium business.  Any help with this would be great... Templates and or explanation on what is required.

  • A written information security program to protect the confidentiality, integrity and availability of our information.  Professional certification such as ISO27001, PCI-DSS AOC, SOC Type II

  • Not sure what they are asking for here...... Do you have established controls for assessing and ongoing oversight of the adequacy of your own partners / suppliers IT Security postures?

  • Corporate incident response policy and a formalized breach notification process

Thanks!
ASKER CERTIFIED SOLUTION
Hemil Aquino
Network Security Engineer
Join our community to see this answer!
Unlock 1 Answer and 11 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 11 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros