Keep on top of
your IT security

Our comprehensive checklist created from the British Standards’ licensed publication and combined with best practice material includes over 120 ISO27001 safeguards.

What are the ISO27001 standards?

  • Internationally recognized ISO/IEC 27001 is a framework which helps organizations manage and protect their information assets so that they remain safe and secure.
  • It can raise information security protection standards and awareness, improve company reputations and stakeholder confidence and reduce the risk of fines or legislative penalties.

Why does this present a problem?

  • First of all, ownership can be hard to assign when someone is wary of the consequences, particularly as shareholder protection is a high profile topic.
  • The complexity of the standard makes it hard to be confident in your processes, particularly after responsible managers have attended training courses.
  • Dispersed assurance data is tricky to collect, if you’re relying on spreadsheets they can be overwritten and have limited scope for audit.
  • Retaining evidence can also be a problem, some firms don’t trust their internal systems and documents are being kept on multiple servers.
  • All this activity comes at a cost and if there is a security breach you may not have long to respond and several teams might be deployed to find the right answer.
  • This is all because breaches come with potentially catastrophic public relations and even financial loss for the worst incidents.

How can Solvassure help?

  • Solvassure’s cloud based technology helps firms adhere to IT security standards, reducing the cost of assurance activities and lending traceability to responsible owners.
  • It achieves this by sending out pre-defined checks to nominated stakeholders from a rules library which is licensed by the British Standards Institute, reporting exceptions in real time.
Platform features

Standards checklist

Manage your IT security procedures effectively using systematic controls licensed from the British Standards Institute.

  • Information security policies
  • Organisation of information security
  • Human resource security
  • Asset management
  • Access control
  • Cryptography
  • Physical and environmental security
  • Operations security
  • Communications security
  • System acquisition, development and maintenance
  • Supplier relationships
  • Information security incident management
  • Information security aspects of business continuity management
  • Compliance

Managed service

We can also provide a managed service to set up and administer your IT security assurance obligations using our technology, whilst you can’t outsource the responsibility you can outsource the process.

  • Free up your team to concentrate on business as usual activities
  • Ensure that all processes are set up and run with minimum effort
  • Improve the quality and effectiveness of your policies and controls
  • Easily scale up (and down) trained resource to meet demand
  • Enrich your compliance productivity, quality and performance metrics
  • Convert fixed costs into variable costs and release working capital
  • Add new regulations into the same service to increase savings further

Secure hosting

Our software as a service solution provides a single source of information twenty four seven and lowers compliance expenditure with cost effective pricing.

  • Secure cloud based platform
  • Data centre conforms to ISO27001
  • Smartphone app with location marking
  • Business hours helpdesk

Key principles

Provide management direction and support for information security in accordance with business requirements and relevant laws and regulations.

Establish a management framework to initiate and control the implementation and operation of information security within the organisation.

Ensure that employees and contractors understand their information security responsibilities before, during and after their employment.

Identify assets and define appropriate protection responsibilities whilst limiting physical and virtual access to information and data processing facilities.

Monitor proper and effective use of cryptography to protect information and defend against malware.

Build information security as an integral part of information systems across the entire lifecycle. including services over public networks and supplier relationships.

Manage security incidents and business continuity consistently and effectively, including communication on security events and weaknesses.

SMCR Compliance Monitoring

Find out more

Where is our material licensed from?

British Standards Institute is the business standards company that helps organizations all over the world make best practice a habit. For more than a century it has been helping to embed excellence into the way people and products work, showing businesses how to improve performance, reduce risk and achieve sustainable growth. As a global leader in helping organisations improve, its clients range from high profile brands to small, local companies in 182 countries.

Assurance Technology.