Information Security Management-as-a-Service



eyecomplimods


Software-as-a-Service



The eyeCompli service is provided from the cloud using a Software-as-a-Service model, which offers the following benefits to customers:

* Single integrated solution: one location for risk assessment; management of control deployment; ISMS documentation, review and audit;
* Zero capital outlay: licence the components you need, when you need them, for the users who need them;
* Rapid deployment: get started on your ISO 27001 certification in minutes;
* Access anywhere: employees can enter details on control deployment, collaborate on ISMS documents; and management can track progress from their desktop or mobile device

Expertise, not just Product



When you by risk assessment or project management software from on-premise vendors, you are simply buying more infrastructure.

By choosing eyeCompli you are buying decades worth of combined expertise in helping organisations of all sizes deploy BS7799/ISO 27002 controls and certify their Information Security Management Systems to ISO 27001.

Manage the Whole Security Program Lifecycle



eyeCompli handles the entire lifecycle of deploying and managing a standards-based Information Security Management System:

  • Definition of scope and acceptable risk for the organisation’s Information Security Management System
  • Production or importing of a Security Policy
  • Collation and management of information assets from across the organisation, including import from leading IT Service Management platforms
  • ISO/IEC 27005:2005 compliant risk assessment of information assets within scope
  • Production of an ISO/IEC 27001:2005 compliant Statement of Applicability
  • Gap analysis against currently deployed controls and production of the Risk Treatment Plan using ISO 27002 compliant controls
  • Production and hosting of core Information Security Management System documentation – policies, procedures, work instructions and records.
  • Assignment of collaborative workgroups of stakeholders for each control
  • Collaborative editing, revision tracking and review of Information Security Management System documentation
  • Project management of control implementation by workgroups and individual staff members
  • Single repository of information required for internal, external and certification audit
  • Notification of Information Security Management System documentation review
  • Management of risk in supply chain through third-party access