Consulting Service of ISMS -Implementation

ISO/IEC 27001 is a set of international standard on information security management, which emphasizes on establishing and maintains the ISMS (Information Security Management System) under the development model of "Plan-Do-Check-Action". Acer Cyber Security Inc. (ACSI) assists our clients with extensive experiences and further deepened comprehensive documents system to quickly build up the optimized security management system based on clients’ security risk. We will also instruct client how to implement the system, through improving effort, to meet the security requirement and obtain the ISO/IEC 27001 certification.

Service Overview
On assisting customers to build and maintain ISMS (Information Security Management System), the services ACSI provide include:
  • Building information security organization and security policy
  • Analyzing business risk and risk assessment
  • Creating information security management documentation system
  • Formulating information security applicability statement
  • Drafting internal audit plan for information security
  • Purposing operation continuance plan for information security
  • Implementing and carry out information security management standards
  • Completing audit and improvement for information security management
  • Awarding approved with ISO/IEC 27001 certification
  • Maintaining the validity of ISO/IEC 27001
Service Features
  • Integrate ISO/IEC 27001 process design services with ISO/IEC 20000 specification
  • Integrate "Process Streamlining" and "Performance Management" into management system
  • Integrate specifications and requirements of existing systems and construct a new system
  • Senior advisor consultation and assistance
  • Related information security technologies and service integration project
  • Customized service
Service Benefits
  • Obtaining ISO/IEC 27001 certification and build up information security management system effectively
  • Upgrade quality and control intangible cost
  • Promoting corporate image and achieving sustainable operation
  • Enhancing the security awareness of employees
  • Implementing the abilities of dealing information security incidents
  • Uplifting user confidence
  • Serving as the basis for expanding overall security management
Customers Reference
  • National Health Research Institutes
  • Ministry of Examination, Examination Yuan
  • Department of Information Technology, Taipei City Government
  • Bureau of Foreign Trade, MOEA
  • Department of Commerce, MOEA
  • Hsinchu Science Park Bureau
  • National Archives Administration
  • National Communications Commission
  • Bureau of Consular Affairs, Ministry of Foreign Affairs
  • Public Service Pension Fund
Service Structure