I had been heading NOC for 3 years, and badly wanted to switch over to an Information Security role. These checklists gave me the much-needed preparation and confidence to face 3 rounds of selection to get me an auditor's role in the central security team of my organization. Just conducted audits of two locations. Both the location heads have given positive feedback to my HOD for the immense value-added audit performed at their units.
With one and a half decades of experience in the InfoSec domain, I thought I knew it all, until I got these Checklists. I felt I had to start all over. I went into a huddle with my team for almost 25 days. The just-concluded audit of 08 critical suppliers (service providers) revealed a total of 237 audit findings. These Checklists are "Ruthless" to the system and processes, which my organization and team deserve to survive. After all, it is survival of the fittest.
As a CISO I always had high anxiety bouts peaking at one month prior to the audit by the certification body. This included loss of appetite during the audit days. I always used to be apprehensive and fearful of the audit findings. Last year I got these Checklists. They helped me to prepare well and face the audits with confidence. 2 audits (at six-monthly frequency) resulted in zero deviations, and numerous benchmark positive findings. I got an appreciation letter from the Board. Thanks!
For a couple of years, we had been exploiting these ISO Checklists for strengthening ISMS at the organization level, and the team's learning curve to achieve and maintain Information Security Certification. Early this year we started with deliberation of moving our DC to the Cloud, with a big impediment in selecting a Cloud Service Provider. The Cloud Security checklist has immensely helped us to identify the most secured Cloud Service Provider. Our teams can now perform regular Information Security audits of the CSP.
Having spent 23 years in Information Security Consultancy, the requirement for a comprehensive and detailed ISMS Checklist was overwhelming. With these checklists in my repository, I would be able to deliver better results. I have hired a couple of security professionals and am grooming them with the help of these checklists so that they can deliver value-added Information Security audits and consultancy.
I am Vice President heading Managed Security Services. 3 months back we got a very big client listed on LSE. In terms of revenue, it was a very big boost as well as a responsibility because penalties for even Severity 2 level were very high. It was then that we obtained these checklists to give us the much-needed confidence and impetus to strategize, execute, govern, and improve on the information security management system life cycle. These checklists have contributed hugely to disciplining the processes and systems to prevent costly penalties.
Managing Security for two big verticals with a huge number of processes and large teams, with confidence and ease, becomes possible now with these checklists. These Checklists have helped to plug numerous vulnerabilities. Now, I am keenly looking forward to the information security legal compliance checklist; do let me know when it is published.
After a lot of searching, I got my hands on the Checklists on Information Security Management System that I had been desperately searching for for quite some time. I got these 1 week prior to my job interview for GRC. Good job done!
We are a software design and development company. We got 2 major non-conformances from a regulatory agency from the customer's country. Why? Because we had been victims of the "been there, seen this, and done that" syndrome. Complacency is the biggest risk for information security. It was a wake-up call. These Checklists are an antidote to complacency. They helped us to demolish the complacency of the organization and the team. Highly recommended!
I have been using all 07 Checklists pertaining to the IT department to our maximum advantage. These have been big saviors in terms of risk identification. Now, our company is diversifying to Managed Data Center services. Can you help me by providing an Information Security Checklist for Data Centers?
We thought we were invincible. Then we got these checklists and studied them with the security team, to realize we were not even 15 to 20% compliant. With certification audits followed by client audits around the corner, thankfully, with these checklists, now we know exactly what the gaps are.
I have just finished Lead Auditor training. With a lot of effort, we could make not more than 7 to 15 checklist questions per clause or per department during the training. During my entire lifetime, I would not have gone past a maximum of 20 to 25 checklist questions per department. Now, I am the proud owner of unparalleled huge reservoirs of these checklists' questions. I am super excited at the benefits of these checklists and the potential they hold for my career.
Being the Chief Risk Officer of the Bank, I had attended several professional trainings, seminars and webinars to better understand the Information Security Risk Management System but always felt the professional vacuum on this aspect. Over a period, I had prepared a checklist with 35 compliance questions. Even though I had hit the ceiling, I knew there was more to it. My happiness knew no bounds when I got the Information Security Risk Management Checklist with 251 questions. Incredible indeed!
From 3 persons to now 107 in 14 months, we are growing exponentially with a SaaS platform in the logistics environment. With the number of clients adding up every month, frequent client audits have raised many gaps in the security posture of the organization. With many clients giving us a last warning, it was time to put information security as number 1 priority permanently. We got these checklists to perform gap audits. And we got tons of gaps to be plugged in a timely manner without resulting in recurrence. One of our very strict big clients has been stating that "we have been reincarnated" from an InfoSec perspective.
As an auditor of information security, though my audits were generally appreciated by clients and my organization, I knew that I needed to add more investigative depth to the audit trails. I had been contemplating for quite some time how to do this but could not find a suitable solution or path. Ever since I got these comprehensive checklists, my clients and my reviewers have been amazed at the quantum and quality of the value-added findings that I am able to detect in each audit. It has been announced that I will be promoted to the Senior Auditor position next month.
In my last semester of completing my B.Tech, I had done 2 professional programs in information security, namely ISO 27001 Lead Implementer training and ISO 27001 Lead Auditor training from this Institute, and learnt all the ropes of ISMS. I had obtained these checklists at a heavy discount, to be used at a later date. This was to prepare for the campus placement selection process. I got shortlisted for a very big search engine company. I was very nervous because there were multiple rounds of tests. It was here that I ran through these checklist questions over and over again. All rounds went smoothly and I was the only one selected in my batch. Grateful to you for these checklists.
It was a very enriching experience.
It was a very lively 5-day training on the ISO 27001 standard with a lot of real-life examples, group activities and review sessions.
The trainer was a wonderful human being with a passion towards helping professionals achieve their goals.
Would recommend the training and the trainer to all.
I attended ISO 27001:2013 LA training.
The training was absolutely amazing.
The tutor/instructor was quite skilled and experienced.
All the things tutor explained were quite knowledgeable and grasping.
Tutor provided real life examples and created a great environment for studying and grasping the key topics.
Exam specific and also auditing perspective.
The training provided was very informative and it covers all areas of ISO 27001:2013 LA. The training was delivered in a very effective way, and the style of delivery was very good, using real-life examples. The course was made very enjoyable by the trainer. I recommend this to everyone who wants to go for this course.
Recently attended a 5-day training for ISO27001:2013 Lead Auditor. The faculty was amazing and explained every aspect in detail and with real-life examples. The training had role-play activities which helped us remember the concepts.
Overall excellent experience.
I enjoyed my ISO27001:2013 LA training. This was a wonderful opportunity for me to strengthen my foundation of the ISMS framework.
The live case studies and examples helped to connect training into realtime.
Enriching experience. The topics were explained in an easy-to-understand way with real-life examples. Suresh Sir's knowledge and expertise in the domain helped a lot to make the subject interactive and interesting.
Overall a very nice and enriching experience. The in-depth knowledge delivered has helped us to get great insight into the standard. The practical examples and linking the clauses to real-life incidents have made us learn things for a lifetime.
A very fruitful experience.
I have gone through the ISO 27001 Lead Auditor training. I really learnt a lot, especially the practical scenarios and out-of-the-box practical experience of different sectors.
Special thanks to Mr. Suresh Sharma sir for training me and lighting the fire of thought leadership inside me.
I enjoyed my ISO27001:2013 LA training here. This was a wonderful opportunity for me to strengthen my foundation of the ISMS framework.
The live case studies and examples helped to connect training into realtime scenarios.
Highly recommend to IT professionals.
It was very good being here. Learned examples and got a very clear understanding. The tutor is very effective. I highly recommend this institute as it will actually give you what you are looking for in ISO standards. I have attended ISO 27001 training, and Suresh sir, I believe, is one of the best tutors I have come across.
Awesome experience of ISO 27001.
Explanations of concepts have been great.
Real time examples on situations.
Examples on situations and audit requirements. Excellent trainer Mr. Suresh Sharma and thought leader. Risk assessment and risk treatment knowledge has been exceptional. If you really want to learn the concepts of ISO 27001 with real-time audit scenarios, take this training course from Mr. Suresh Sharma.
I would like to thank the faculty; he has been impeccable in guiding us through the ISO27001:2013 course. The understanding of the subject matter through relevant examples of audits and not through slide shows has made the course easier to go through. I would recommend him for this training.
Awesome experience. Great knowledge. Explanations of concepts have been great. Great examples on situations and audit requirements. Excellent faculty and thought leader. Risk assessment and risk treatment knowledge has been exceptional.
The training on ISO 27001:2013 was provided by expert faculty having rich industry experience. The entire training delivery with tons of practical examples was very impressive. The training imparted on the standards was interactive, based on actual scenarios.
This is going to help me a lot in framing ISO policies and audit standards for my organisation and also enhance my skill towards information security compliance.
Excellent place to get your ISO Foundations in order. I did my ISO 27001 lead auditor training with them and I thank my stars and the person who referred me to this place. Superb training method laced with experiential anecdotes will cement your understanding of the practical aspects of auditing ISMS. I recommend this to anyone who looks towards understanding ISO 27001. Suresh Sharma Sir is my permanent Guru in this field from today onwards.
Had a wonderful experience going through the process. Doing the course with Suresh sir is primarily taking a leap in the sector as he comes with loads of experience which he shares and delivers in one of the finest ways.
A remarkable mentor, I would say.
Best wishes to the institute.