ISO - 27001 Penetration Testing

What is it?

The ISO 27001 standard is used as a framework to ensure that a company’s Information Security Management System (ISMS), is safe, robust and secure.

As part of this standard, ISO 27001 objectives states that ‘Information about technical vulnerabilities of information systems being used must be obtained in a timely fashion, the organisations exposure to such vulnerabilities evaluated and appropriate measures taken to address the associated risk.‘

To satisfy this objective, a penetration test should be carried out to identify vulnerabilities in environments within the ISO 27001 scope.

How Can Ruptura InfoSecurity Help With ISO 27001 Compliance?

As a primarily Penetration Testing organisation, we are able to perform key security assessments against environments within your ISO 27001 scope. This is our main service offering and is targeted at those companies who have already begun their ISO 27001 journey.

For clients wishing to start an ISO 27001, we have various specialist partners who we can put you in touch with to help guide you through this process.

The Main Steps...

Define Scope

In an introductory scoping session, exact scope of testing will be defined. This will be documented and discussed in a way that conforms with ISO 27001:A.12.7.1.

Testing Phase

In this phase, the technical testing takes place. Environments will be assessed using both automated industry standard tools, but also with manual penetration testing techniques.

Report and Debrief

A technical report is issued, highlighting both high level risks and in-depth technical data. Debrief sessions are scheduled, discussing findings and potential next steps.

Talk To Us!

Company No 11644559 | Suite 122, Milton Keynes Business Center, Linford Wood, Milton Keynes, MK14 6GD