ISO/IEC 27001 penetration testing & vulnerability analysis
complying with information security management standards
Penetration testing and vulnerability analysis is an essential part of ISO/IEC 27001 Information Security Management System (ISMS) certification and control objective A12.6.1 states that ‘information about technical vulnerabilities of information systems being used shall be obtained in a timely fashion, the organisation’s exposure to such vulnerabilities evaluated and appropriate measures taken to address the associated risk’.
Testing is usually carried out once the scope of the ISMS, and its associated assets, have been identified, but there are other stages that may benefit from security testing. These include, when identifying vulnerabilities as part of the risk assessment process or when ensuring that the controls put in place are effective.
As part of Shearwater Group plc, we can offer a full range of services related to IEC/ICO 27001, helping clients obtain and maintain certification.
get in contact today
the benefits of penetration testing and vulnerability analysis as part of ISO/IEC 27001 certification
We go through a rigorous process, ensuring that you get the best possible outcome and to comply with the set IEC/ISO 27001 standards. Below we outline the key stages our penetration testing and vulnerability analysis goes through:
why choose us?
want to find out more about our compliance services or looking to start testing? Our team are on hand to provide you with the information and support you need.