What is ISO 27001?
It's the gold standard for cyber security management that focuses on implementing an information security management system. ISMS tells, which data assets need protection, how it's done, and how organization evaluates the related risks. Use it to borrow best practices or get certified to reassure clients it is followed.
Here's how Cyberday simplifies your ISO 27001 compliance:
Create an asset inventory in clear parts
Cyberday has own sections for data systems, data sets, other assets (e.g. equipment) and physical premises. With the help of these you understand the assets your cyber security aims to protect.
Identify, evaluate and treat information security risks
When you're documenting e.g. results of risk management or a continuity plan, the documentation card will mostly function similarly, but there's a clear order to use.
Create an automated Statement of Applicability
Controls of ISO 27002 are implemented in Cyberday through tasks. Once you activate tasks and define their current implementation status, the SoA will automatically start turning greener and greener. See details by clicking each cell in the report!
Understand what needs improving and how to do it
Pending tasks in your account will help you get compliant and also go further then the minimum compliance level. First you understand how to get compliant and later you understand how to harden your security even more on each aspect.
Automated employee guidance and awareness training
A big part of ISO 27001 is ensuring the safe operations of organization's staff. Many tasks will require you to define guidelines for people to follow. These will be accepted through Guidebook, which can also be expanded with training material. Policy templates are also available, if you want to create a shareable document from your content.
Systematic processes for internal audits and management reviews
Audits and reviews combine different elements in Cyberday. You will have a task to define the owner and ensure implementation. Documentation cards help you document the results of each audit or review. Procedure will summarize all in a shareable format.