ISO IEC 27001 Toolkit

Downloadable Resources, Instant Access

Participate in projects and initiatives working with IAM team members, architectural, development and engineering teams, service owners, and business stakeholders to provide enterprise IAM solutions that are scalable and adaptable to ever-changing business needs and industry demands.

More Uses of the ISO IEC 27001 Toolkit:

  • Develop, implement, and/or maintain procedures and automated processes to ensure the security of internally developed software and/or technology products.

  • Ensure products and systems comply with requirements and government information and cybersecurity standards through formal verification methods.

  • Be accountable for providing leadership and guidance on information security topics, advising and collaborating on security processes, business continuity, and disaster recovery plans.

  • Ensure compliance with regulatory requirements and assume primary responsibility for SOP updates, Tools instructions, and quality control or code development.

  • Manage multiple client projects at any given time, collaborating with Sales, Project Managers, Operations, and at times external organizations and End Clients.

  • Confirm you lead necessary IT compliance control monitoring and testing activities to determine effectiveness of the controls and ensure deficiencies are remediated.

  • Audit: research, install, administer, monitor, troubleshoot, document, and maintain enterprise databases to ensure maximum availability of mission critical systems and applications.

  • Provide a high level of technical expertise to support the delivery of project packages and the maintenance of existing complex system installations at client sites.

  • Be accountable for providing leadership and governance on compliance initiatives, specifically PCI DSS compliance, GDPR, CCPA and similar compliance requirements.

  • Be accountable for developing and maintaining information security policies, standards, guidelines and oversee the dissemination of security policies and practices.

  • Confirm your organization ensures the consistency and maintainability of existing applications by creating, maintaining, and enforcing standards/procedures for implementing technical solutions.

  • Lead projects and initiatives working with IAM team members, architectural, development and engineering teams, service owners, and business stakeholders to provide enterprise IAM solutions that are scalable and adaptable to ever-changing business needs and industry demands.

  • Lead the evaluation and implementation of emerging data access control technologies, information systems security issues, safeguards and techniques.

  • Maintain an IT compliance issue management tracking and resolution process to remediate, according to severity and potential impact to your organization.

  • Warrant that your organization identifies potential areas of compliance vulnerability and risk; develops/implements corrective action plans for resolution of problematic issues and provides general guidance on how to avoid or deal with similar situations in the future.

  • Ensure your organization provides significant input into the annual strategic planning and budget processes and identifies cost effective wargaming operations in a manner consistent with the strategic and budgetary requirements.

  • Confirm you lend expertise to the product design, development, and engineering teams to ensure development specifications, quality standards and testing requirements are appropriately documented.

  • Modify command language programs and network start-up files, assign/reassign network devices logically, analyze network performance, and recommend adjustments to a wide variety of complex network management functions.

  • Coordinate IT risk management projects with personnel from the IT organization, lines of business, and other internal departments and organizations.

  • Participate with the customer and internal technical teams in the strategic design process to translate compliance and regulatory requirements into controls, processes and systems.

  • Provide skill with malicious code reverse engineering to isolate, review, analyze, and reverse engineer potentially malicious programs recovered from compromised mobile devices.

  • Confirm you lead the information security function across your organization to ensure consistent and high quality information security management in support of the business goals.

  • Ensure that security is embedded in the project delivery process by providing the appropriate information security policies, practices and guidelines.

  • Evaluate project implementations, reporting on performance against goals and contract deliverables, and recommending further actions as appropriate.



What does the Self Assessment Kit do for you?

  • Step 1: Get your Bearings: Use the sample Dashboard and book provided to prepare you for the next steps.

  • Step 2: Complete the Dashboard: Get a clearer picture of where you need to improve, letting you set concrete goals, tasks, dates and numbers you can track.

  • Step 3: Make real change in your business: Using the results of Step 2, complete the Step-by-Step and Project Management Forms and Templates included to prepare the results of your data.

Checklists Reports: Included are curated checklists to help you assess your organization's compliance with Standard Requirements.



With this three-step process and in-depth Standard requirements self assessment, you will have all the tools you need for any Standard requirements project.

In using the self assessment you will be better able to:

  • Diagnose Standard requirements projects, initiatives, organizations, businesses and processes using accepted diagnostic standards and practices
  • Implement evidence-based best practice strategies aligned with overall goals
  • Integrate recent advances in Standard requirements and put process design strategies into practice according to best practice guidelines


What's included

  • In-depth implementation instructions
  • PDF Quick Explanation Guide plus Pre-filled example spreadsheet
  • The Dashboard with hundreds of questions covering the following areas
    • Recognize, Define, Measure, Analyze, Improve, Control & Sustain
    • Cumulated in a RACI Matrix report
  • Implementation Templates including
    • Initiating Processes
    • Planning Processes
    • Executing Processes
    • Monitoring and Controlling Processes
    • Closing Processes

Step-by-step and complete ISO IEC 27001 Project Management Forms and Templates including check box criteria and templates.

1.0 Initiating Process Group:

  • 1.1 ISO IEC 27001 Project Charter
  • 1.2 Stakeholder Register
  • 1.3 Stakeholder Analysis Matrix

2.0 Planning Process Group:

  • 2.1 ISO IEC 27001 Project Management Plan
  • 2.2 Scope Management Plan
  • 2.3 Requirements Management Plan
  • 2.4 Requirements Documentation
  • 2.5 Requirements Traceability Matrix
  • 2.6 ISO IEC 27001 Project Scope Statement
  • 2.7 Assumption and Constraint Log
  • 2.8 Work Breakdown Structure
  • 2.9 WBS Dictionary
  • 2.10 Schedule Management Plan
  • 2.11 Activity List
  • 2.12 Activity Attributes
  • 2.13 Milestone List
  • 2.14 Network Diagram
  • 2.15 Activity Resource Requirements
  • 2.16 Resource Breakdown Structure
  • 2.17 Activity Duration Estimates
  • 2.18 Duration Estimating Worksheet
  • 2.19 ISO IEC 27001 Project Schedule
  • 2.20 Cost Management Plan
  • 2.21 Activity Cost Estimates
  • 2.22 Cost Estimating Worksheet
  • 2.23 Cost Baseline
  • 2.24 Quality Management Plan
  • 2.25 Quality Metrics
  • 2.26 Process Improvement Plan
  • 2.27 Responsibility Assignment Matrix
  • 2.28 Roles and Responsibilities
  • 2.29 Human Resource Management Plan
  • 2.30 Communications Management Plan
  • 2.31 Risk Management Plan
  • 2.32 Risk Register
  • 2.33 Probability and Impact Assessment
  • 2.34 Probability and Impact Matrix
  • 2.35 Risk Data Sheet
  • 2.36 Procurement Management Plan
  • 2.37 Source Selection Criteria
  • 2.38 Stakeholder Management Plan
  • 2.39 Change Management Plan

3.0 Executing Process Group:

  • 3.1 Team Member Status Report
  • 3.2 Change Request
  • 3.3 Change Log
  • 3.4 Decision Log
  • 3.5 Quality Audit
  • 3.6 Team Directory
  • 3.7 Team Operating Agreement
  • 3.8 Team Performance Assessment
  • 3.9 Team Member Performance Assessment
  • 3.10 Issue Log

4.0 Monitoring and Controlling Process Group:

  • 4.1 ISO IEC 27001 Project Performance Report
  • 4.2 Variance Analysis
  • 4.3 Earned Value Status
  • 4.4 Risk Audit
  • 4.5 Contractor Status Report
  • 4.6 Formal Acceptance

5.0 Closing Process Group:

  • 5.1 Procurement Audit
  • 5.2 Contract Close-Out
  • 5.3 ISO IEC 27001 Project or Phase Close-Out
  • 5.4 Lessons Learned