The new ISO27002 assessment standard is among the most “Broad & Deep” of security standards.
Crimson Security Inc.’s ISO27002 security assessments evaluate the organization's security posture against requirements derived from the ISO27002 standard. The organization is then assessed in the 11 domains defined in the ISO27002 standard. The assessment also includes vulnerability scans conducted on both internal and external systems and devices.
Our assessment process includes the following general steps:
- Preliminary Information Gathering
- Port Scanning
- Vulnerability Testing
- War Dialing
- On-site Inspection
- Document Review
- Interviews
- Inspection of Physical & Logical Configuration and Architecture
- Internal and External Vulnerability Scanning