Generix Consultants have years of experience helping organizations to implement audit, risk and compliance related to ISO27001, ISO20000 and ISO22301 around the world. Generixincreased focus on accountability have led enterprises to pursue a broad range of governance, risk and compliance initiatives across the organization.
Using our expertise to overcome roadblocks and accelerate your project initiatives, you can free up your own team to focus on what’s most important— managing your risks, executing on projects and resolving potential weaknesses and deficiencies in your internal control environment and core business processes.
Why choose Generix?
Whether your challenges lie in the areas of risk management or monitoring, audit project management, controls monitoring, or compliance – or within the specific regulatory and operating environments unique to industries such as Government, SME’s and Financial sector– Generix Consultants can help you implement solutions uniquely suited to your organization’s needs.
Many consultants attempt to roll out a cookie-cutter approach to all organizations because they do not understand the significance of the current business processes and drivers. Don’t let that happen to your organization. Develop your security program correctly the first time!
With the increase in opportunities to do business globally and the increased flow of information combined with the increase in sophistication of information security attacks, there is an urgent need to protect the confidentiality, integrity and availability of information.
Security products provide protection against damage to information, but they need to be supplemented with a monitoring mechanism. If you want your partners and customers to trust your information you need an Information Security Management System (ISMS).
An Information Security Management System (ISMS) helps determine how information is processed, stored, transferred, archived and destroyed. A secure ISMS is one which ensures:
An International standard for Information Security Management
The Standard ISO/IEC 27001 enables organizations to align with global Standards of best practice information security management. They offer organizations a practical framework and functional guidelines to assist with the improvement of information security and to be recognized accordingly – worldwide.
ISO 27001 is now globally recognized as the standard against which organizations can be certified to.
Generix – Auditing and certification to ISO/IEC 27001
Generix auditors independently assess important areas of your operations. They approve the scope of certification and review your ISMS at regular intervals seeking clarification and evidence that your goals and obligations are met and then report on the status of your system.
These reports will enable you to make decisions or take action in a timely manner to give you the confidence that your information security commitments are being met.
Whether you are looking for scoping, training, risk assessment, milestone review or certification, Generix has a solution to meet your needs including:
IT Service Management System sounds easy, but choosing the right model and solution can be key to your stakeholders and critical to your business.
The recently updated Information Technology Information Library (ITIL) Version 3 has a life cycle approach, similar to the Plan, Do, Check, Act (PDCA) cycle with, a strong focus on continual service improvement.
To successfully implement ITIL, you’ll need a management system to monitor and track compliance of Service Level Agreements (SLAs) with your customers. An Information Technology Service Management System (ITSMS) is a great foundation.
ISO/IEC 20000-1:2011 can be used as the criteria upon which to develop an ITIL based service improvement program for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ITSMS framework.
Whether you are looking for scoping, risk assessment, milestone review or certification, Generix has the following solutions:
Generix’s expert auditors and accredited certification processes provide IT service managers with the ability to demonstrate that their IT services meet international standards of best practices.
Business Continuity Management System (BCMS) is essential for organizations to minimize the risks to their business. BCMS puts in place the people, processes and technologies to secure critical information assets, minimizing the impact to operations in the event of an incident.
ISO 22301 is the international Business Continuity Management Systems (BCMS) standard. It specifies the requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. ISO 22301 replaced the old BS 25999-2 business continuity standard in 2012.
The business benefits from ISO 22301 certification are substantial. Not only does this standards help ensure that your Business Continuity risks are cost-effectively managed, but your adherence to the standards transmits an important message to your customers and business partners. ISO 22301 plays a very important role in monitoring, review, maintenance and improvement of your Business Continuity Management System and will likely give other organizations and customers greater confidence in all the ways they interact with you.Once the Risk Frameworks are identified and in place, continuous monitoring and assessment of the risk to the identified assets ensures management have an up to date view of the risk universe.
Our approach to ISO 22301 engagements in the majority of cases is to first carry out a Gap Analysis of the organization against the clauses and controls of the standard. This will provide a clear picture where you already conform to the standard, where there are some controls in place but there is room for improvement and where controls are missing and need to be implemented. For some organizations this will be the extent of the assistance required.
Following the Gap Analysis and debrief, you may require additional assistance by way of advice and guidance and project management of implementation of suitable controls and documentation required to meet the standard, in preparation for external certification.
Generix Consultants assists and advises organizations on the following: