Governance Risk Compliance

ISO - 27001

 

ISO - 27001

ISO - 27001

OVERVIEW

ISO 27001 is the international standard which is recognised globally for managing risks to the security of information you hold.

Certification to ISO 27001 allows you to prove to your clients and other stakeholders that you are managing your information’s security. ISO 27001:2013 (the current version of ISO 27001) provides a set of standardised requirements for an Information Security Management System (ISMS). The standard adopts a process-based approach for establishing, implementing, operating, monitoring, maintaining, and improving your ISMS. The ISO 27001 standard and ISMS provides a framework for information security management best practice that helps organisations to:

  • Protect client and employee information
  • Manage risks to information security effectively
  • Achieve compliance with regulations such as the European Union General Data Protection Regulation (EU GDPR)
  • Protect the company’s brand image

The Challenge

In line with the ISO-27001 compliance, it is necessary to visually label all of the documents with their classification level. Generally, it is challenging for a person who works on a document to apply a correct classification level to a document. Such could be hard to distinguish between Internal and Confidential, Confidential and Highly-Confidential and so on.

Another big challenge is to keep asset and risk registers for ISO-27001 compliance. It requires a lot of discipline, dedicated personnel, and defined and controlled workflows to keep it up to date. Usually, when re-audit happens, companies almost need to go through the procedures, controls and measures all over again that causes considerable overhead.

The Solution

We help our customers to be compliant with ISO 27001 and other primary compliance mandates. For ISO 27001 compliance, or to match internal classification policies, it is crucial to classify every document consistently and align with your company classification standards. For such cases, we have developed the GV Synergy agent that empowers end-users by giving tag suggestions based on our Machine Learning and Natural Language Processing. A user can now use the GV tag suggestions to label the document they are working on. In case the user decides to go with a different classification, we either use this to tweak our ML model (automated, anonymous learning) or mark this as a security issue based on the ML prediction confidence (the user made a mistake).

More precisely, when the ML prediction confidence is low, it is an indicator that ML has not seen this type of document before, and it makes sense to use the user’s suggestion to improve the accuracy. Alternatively, if the confidence is high, then this user is making a classification mistake. We have built an extensive taxonomy set that covers over 70 various categorisation labels. We label each document under a high-level category such as HR or Finance or Legal, and so forth. This allows us to have a very granular view of the data content, allowing our customers to precisely understand each document’s content and file stored across the company’s estate.

Speak to one of our experts

Get in Touch

Getvisibilty offers a unified solution to solve organisations' unstructured data. The Getvisibility solution is a paradigm shift in how companies can solve data classification


Book a Demo

Our Services

Quick Links

Contact Us

  • Head Office
  • Building 4700, Cork Airport
  • Business Park, Co. Cork, T12 XE1E

  • London Office
  • 85 Great Portland Street
  • First Floor, London, W1W 7LT

Contact Us

© Getvisiblilty - Website by Doodle Creative.