Are cyber security and/or data privacy concerns keeping you up at night? Our clients sleep better, confident that their cyber security programs are aligned with leading cyber security frameworks, industry standards and best practices. At PMG we realize that no two organizations are the same when it comes to their information security needs. Every organization is unique in the information they collect, store or process and thereby every organization needs a tailor-made implementation and maintenance of their information security management systems (ISMS). PMG’s objective is to become a trusted partner in OUR client’s journey to ISMS (ISO 27001) implementation.

PMG has three models of ISMS implementations:

Basic Model:

This is most suited for small to medium sized enterprises wherein PMG ISMS ISO 27001 Toolkit (based on pre-packaged templates) is implemented in its entirety. This is typically most cost-effective in small/medium enterprises.

Blended Model:

This is typically used by medium to larger organizations where there already exist some security frameworks and/or processes and hence complete adaptation of templatized processes may not be possible. In these implementation, PMG ISO 27001 Toolkits are often partially adapted, tailored and blended with client’s specific existing processes and needs to enhance their existing security environments.

Bespoke Model:

This implementation mode is usually preferred by larger organizations whose information security needs are extensive and complex. PMG advises and provides consultation on a need-basis and per the specific needs and requirements of the business and regulatory environment the client operates in

It is PMG’s strong advice to companies of all sizes, big and small, to have a robust security framework implemented. A robust security framework will always provide true-security and if there ever is a breach despite the security implementation, clients would be able to demonstrate to their customers, shareholders and a judge and jury that the breach was a result of a one-off event rather than a systemic problem. That is the power of a defensible cyber security program.

ISO 27001 Tool Kit

Minimum set of documents and records required: By: ISO/IEC 27001:2022 download

Sample 3rd-Party Security Risk Assessment Questionnaire download

Sample Asset Register ISO 27001 Toolkit download

ISO 27001 Controls Toolkit download

SoA for ISO 27001 download

Conferences Presentations
by PMG principals

Risk Management with Annex A Controls of ISO 27001:2013 download

Impact of GDPR in Project Planning download

Risk Management vis-a-vis Annex A Controls of New ISO/IEC 27001 download