Mobius Consulting assisted in implementing an Information Security Management System (ISMS) at a leading financial institution, with the primary objective of obtaining ISO 27001 certification. The certification scope covered a core banking platform, along with related core banking processes.
To achieve this, Mobius used a practical, technology-led approach to:
Define the organisation’s ISMS scope
Perform a gap assessment against ISO 27001 and ISO 27002 to understand where implementation efforts needed to be focused
Perform a risk assessment over all information assets that make up the core banking platform
Develop, review and implement all artefacts and processes as required by the standard, in alignment with the Plan-Do-Check-Act model
Train key stakeholders on the continued maintenance and operation of the ISMS
Conduct an independent audit of the implemented ISMS prior to the external certification body audit
We utilised the Phinity suite of technology products to ensure the efficient implementation and continued sustainability of the organisation’s ISMS.
The end result? ISO 27001 certification, best practice information security, and satisfied regulators. Contact us if you want to become ISO 27001 certified.