ISO 27001 is a formal specification for an Information Security Management System (ISMS): it mandates a particular set of controls that need to be in place.
Information Security Assessments provide assurance that key controls are designed, implemented, and/or operated in accordance with your ISMS.
An optimized Information Security Management System defines a comprehensive “process” by which critical information security risks are managed to an acceptable level.
Penetration Testing is best used to substantiate the ISMS as a whole and provide assurance to key stakeholders that the “net” security objectives are being achieved.
Thank You. We appreciate the fine work and opportunity to work with Pivot Point Security as a partner in improving our environment. –Information Security Assurance
Your consultant has been fantastic and we absolutely could not have done it without him. He is extremely knowledgeable and represents your company very well. –ISO 27001 client – upon achieving certification
The way you walked us through and took time to explain what the reports mean, what the data means, and we don't have to know the technical details behind it. The exit meeting was really good for us "non-technical" people. You speak straightforwardly and make it understandable - better than any testing we've ever had. –Annual Network Penetration Test
The experience was excellent, everything was understood perfectly, reporting excellent and as usual very trustworthy. –Application Penetration Test
I was very pleased with the scope and I appreciate your analysis and how you handled everything; I will definitely continue to use you! –Internal Network Penetration Test
Very easy to work with - you walked us through step by step; very happy with the reports –External Network Penetration Test
Your technical resource was great on site; easy to work with, and he explained everything very simply. He made the experience a pleasure. –Database Vulnerability Assessment
Pivot Point was professional in every way and your consultant’s help and follow through is what enabled us to be so prepared for our audit and achieve ISO 27001 certification… –Satisfied ISO 27001 certification client
Very professional – and worked with integrity. You made it easy for someone who had no idea what she was doing! –WLAN Survey
Tech resource was great - very respectful on site - very careful with our systems; overall the experience was great. I felt the whole "process" worked really well. –Network Penetration Test
Everything went smoothly. We're very happy with the results and the internal auditors were happy with the process and feel that the Pivot Point Security process met their criteria. Great experience - we look forward to working with you next year! –Network Vulnerability Assessment & Penetration Test
The technician was great - he just came in and did the job, with no issues. He was very up front with the what and how - gave good explanations. –Vulnerability Assessment & Penetration Test
The certification process went very smoothly. Knowing now what’s involved, we could not have done it without your help! –ISO 27001 client – Legal
Just based on the errors I'm seeing, I'm really really glad I hired y'all. I really thought I was totally secured against SQL injection. –Application Security Assessment