ISO 27001 – Information Security Management Systems


By adapting to information security management system, an organization has taken a strategic decision to establish, implement, maintain and continuously improve.  The information security management system preserves the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed.


First and foremost, a management system is a management method, a way to manage information security. It is therefore a management capability, albeit supported by documented information and technology. Being predicted on risk management, ISO/IEC 27001 provides an excellent basis on which to build the management controls necessary to achieve an organization’s mission, to manage risk, to assure effective control and to seek improvements where appropriate.  An ISMS forms part of an organization’s internal control system.


ISO/IEC 27002 is a code of practice for information security management, this standard provides guidance on 114 information security controls structured under 14 major headings. As well as giving detailed guidance for computers and networks, the standard also provides guidance on security policy, staff security awareness, business continuity planning, and legal requirements.


Why MacLead for ISMS?

  • MacLead has been involved in consulting for Information Security Management System for over two decades with a clienteles of 400+.
  • We have expert faculties and facilitators with experience of minimum a decade.
  • The template of Standard Operating Procedures defined by MacLead are in line with the best in class practices.
  • MacLead helps you define and control risk in 4 levels – organizational level, departmental level, process level and product level
  • Many trusted organizations in India and across the world have trusted MacLead in providing the training and consultancy for ISMS implementation



  • Reduction in Risk by incorporating 114 information security controls
  • Cost reductions due to avoiding incidents
  • Smoother running operations by clearly defining responsibilities and processes
  • Improved business image in the marketplace as you will have your processes in line with the best in class practices.

Steps Involved in Implementation

The certification of your quality management system takes place in the following steps. Our experts will be at your disposal during the whole process as competent contacts.

  • Preliminary audit (optional)
  • GAP Analysis (optional)
  • Certification audit: Examination of your documentation and a demonstration of the practical application
  • Issue of certification
  • Annual surveillance audit
  • Re-certification before the end of three years