Methodology
We offer a wide range of services, from GAP analysis to the creation of an action plan for your company. Our mission is to help you maintain high quality and efficiency in the preparation of documents, implementation of processes, issuance of reports and definition of indicators, through best practices and in accordance with the appropriate standards and certifications. Our entire team is dedicated to this goal. We offer objective and practical solutions to meet all the needs of your company.
1 - GAP Analysis:
An assessment of your company's level of compliance will be carried out to meet the requirements of the selected ISO standard, to identify opportunities for improvement and non-conformities, which should be addressed through the preparation and implementation of Action Plans. To carry out this analysis, a process understanding meeting will be held, and an agenda will be drawn up with those responsible for the interviews.
2 - Training:
Qualification training will be provided to employees involved in the scope of the certification in question. The trainings are assembled according to the structure of the scope and profile of the company.
3 - Documentation:
Support will be provided in the preparation of the documentation required by the organization to guarantee the effectiveness of the Management System. This item deals with policies, codes, procedures, statutes, work instructions, manuals, guides, spreadsheets, among others.
4 - Implementation of Controls:
Work will be done to implement the defined processes, with the identification of the context of the organization, stakeholders, their needs and expectations, process mapping, risk assessment and treatment and support in the preparation of mandatory and necessary documentation, establishing a management structure agile, easy to monitor, considering requirements of the ISO standard.
5 - Internal Audit:
An internal audit cycle will be carried out (mandatory requirement of ISO standards), which should assess whether the processes, procedures and the selected ISO standard are actually being applied. The consultancy will carry out this activity, identifying opportunities for improvement and non-conformities, which will be dealt with through corrective action procedures.
6 - Action plans:
Support will be provided in the preparation of action plans resulting from the result of the internal audit, which require clear definitions of responsibility, and follow-up and compliance with the requirements of the standard.
7 - Conducting the Critical Analysis Meeting:
A meeting will be organized with the company's Senior Management to monitor the management system and establish future plans. This meeting mainly considers changes identified in the organization's context, feedback on the effectiveness of the management system, and risk assessment.
8 - Workshop:
An event will be prepared covering the main information security requirements, also aiming at preparing employees for the certification audit.
9 - Certification Audit:
In this phase of the project, work will be coordinated so that the consultancy can provide support for certification activities (follow-up during the external audit) and post-audit support in relation to the preparation of action plans.