Company: Ortnec
Website: https://ortnec.com/
Purpose: Conducting process analysis and data categorization.
Terms of consulting – 3 months.
The result is data categorization and process implementation.
The company requested to deal with the categorization of data, their places and storage periods. As well as build management processes for monitoring and control.
An internal audit was carried out, data categorization was carried out, the required processes and controls were implemented, and the required documentation was prepared.
An analysis of the data and processes of the Company has been done, as part of the joint work. Based on the results of the analysis, the information was categorized and the plan for the further processing were created.
Also, the recommendations on building security processes in accordance with the requirements of ISO 27001 and the lists of required documentation, processes, and reporting, were provided.
I want to highlight the high professionalism and extensive experience. Also, I want to mention that analysis and prepared recommendations were highly structured.
I would recommend the Company’s consultants for conducting security audits and further implementation of processes in preparation for ISO 27001 certifications and compliance with the requirements of the personal data regulation (GDPR).