International standard ISO17799 (based on BS7799 "Code of Practice for Information Security Management - part 1") describes a comprehensive infosec framework, and outlines the process an organisation may adopt to implement the framework. Read a summary of ISO17799 here.
We are firm supporters of ISO17799 and recommend it to all our clients as a rule. Adopting ISO17799's structured approach to infosec management brings major benefits, including a rationality and consistency to the controls.
Designing and setting up an effective information security function is invariably a major undertaking with a number of important decision points and choices. ISO17799 itself contains a lot of specific information security controls, although we prefer to concentrate on the 100 or so control objectives. Often, a single control will satisfy more than one objective but, conversely, a single control weakness may compromise the whole organisation. Therefore it is important to assess the risks logically, clarify the organisation's own control objectives, design a broad controls framework (properly integrated with other aspects of the organisation, such as physical security, human resources and, of course, IT operations), and implement it consistently. Thereafter, maintenance is a necessary ongoing task to prevent the controls from decaying through lack of attention, and to counter new threats.
Our ISO17799 consultancy services include:
ISO17799 implementation - we will scope, manage and/or staff a project to implement ISO17799 consistently across your organisation. Leveraging our extensive prior experience on similar projects, we will help you avoid the pitfalls to achieve the results required at least cost.
Rapid ISO17799 reviews - in about one day, we will review the state of infosec controls at a single location and give 'instant feedback' to the local staff and management. If required, in a further day or so, we will prepare a formal management report documenting specific recommendations for improvement.
'Third party' independent ISO17799 assessments - clients with network connections to suppliers etc. increasingly demand assurance that their trading partners maintain adequate levels of information security. ISO17799 provides an ideal yardstick against which third parties can be assessed, but for obvious reasons third parties are not always prepared to let a trading partner assess their security arrangements directly. Acting on behalf of our clients, we will (a) help them compile an inventory of their third party connections and determine which ones most urgently require security assessment (typically this becomes a prioritised and ongoing assessment plan), (b) contact the third parties to explain the assessment process and gain their support, (c) undertake the actual ISO17799 assessments in conjunction with client and/or third party infosec management staff (where available), (d) produce an ISO17799 compliance statement for each third party and, if required, discuss improvement recommendations confidentially with management.
ISO17799 benchmarking - for large organisations with multiple sites, a team of consultants (in conjunction with client infosec staff if appropriate) will share the workload, reviewing and scoring infosec controls consistently against common criteria incorporating ISO17799 and other standards, plus external best practice. The team will generate a consistent management report containing objective comment, relative scores comparing each site and recommendations for improvements. For smaller organisations, we will compare infosec controls against external best practice and relevant standards.
ISO17799 audits - the scope of ISO17799 audits is determined by the client but may include reviewing the general state of infosec controls, infosec management structure, relations between infosec function and other IT and non-IT departments, compliance with infosec policies & procedures, state of infosec awareness etc.
Infosec awareness and training - technical training for dedicated infosec staff, awareness briefings etc. for all management and staff. Contact us about our forthcoming one-day training course "Implementing ISO 17799".