Two ISMS case studies





While waiting impatiently for today's stormy NZ weather to subside so I can get outside and survey the damage, I spent a productive few hours writing-up a pair of recent consultancy assignments as case studies for the SecAware website.



< The first case study concerns helping a US tech support company to regain its ISO 27001 certification by rebuilding its failed ISMS.

Officially, the assignment was simply an ISMS internal audit. In practice, it involved some lightweight mentoring and support for a capable CISO.





ISMS implementation project case study



T
he second case study concerns consultancy support for a 6-month ISMS implementation project for an innovative NZ agritech company >

Again, although the centrepiece of the assignment was an ISMS management review, it involved gently mentoring and guiding the project managers (two contractors) and providing assurance for the client's senior management - plus stress-reduction when both contractors departed shortly before certification.