Implementation of an Information Security Management System based on ISO/IEC 27001


Service that consists of providing a complete accompaniment in the creation, implementation and operation of an Information Security Management System (ISMS) based on ISO/IEC 27001. This service focuses on providing complete advice ranging from the definition of the scope of the ISMS that will be created, the evaluation of current compliance and the creation of all the documentation requested by the standard for the creation of the ISMS, to the implementation and training in operation of the created system. Additionally, as a complement to this service, organizations that wish to obtain an ISO/IEC 27001 certification can request the support of SISAP in making the first contact with an authorized certifying entity to provide this type of accreditation.


ISO/IEC 27001 is a standard that includes controls and best practices for the proper management of information security within any organization. Many organizations, either for compliance or for their own objective, want to start with the process of adopting these good practices and also with the implementation of the Information Security Management System that the standard establishes. However, this is a process that can become very long and complicated if you do not have the necessary knowledge to implement what is mentioned by the standard. This service is ideal for any organization that wants to incorporate the good information security practices of ISO/IEC 27001 into business processes.