Step 1
Prepare Implementation Plan and Detailed Schedule Accelerate
& Clients
ACCELERATE
|
+ Prepare
plan for the Information Security System Development
(Accelerate will work with Client)
|
Step 2
Gap Assessment
ACCELERATE
|
+ Perform the Gap Assessment
to Identify GAPS between the standard and what exist.
(Accelerate will prepare the report)
|
Step
3
Training (Auditors)
ACCELERATE
|
+ Train
the Internal Auditors and Process Owners to the Standard.
Upon passing the exam, process owner taking training will get
qualified as Internal Auditor
and Lead Auditor Accelerate will issue certificate.
|
Step 4
Implementation Training
ACCELERATE
|
+ Train process owners
to Implementation Process.
(Accelerate will perform the activity)
ISO will issue certificate on passing exam.
|
Step
5
Information Security Policy (Define & Document)
Accelerate & Client
ACCELERATE
|
+ Define
Information Security Policy to internal and external customers.
(Accelerate will prepare Information Security Policy working with Client
|
Step 6
Information Security Objectives
(Define & Document)
Accelerate & Client
ACCELERATE
|
+ Define
Information Security Objective
with reference to Information Security Policy.
(Accelerate will prepare working with Client)
|
Step
7
Measurement Analysis & Improvement
(Define & Document)
ACCELERATE
|
+ Define
Measurement Analysis Process for continuous improvement.
(Accelerate will prepare working with Client)
|
Step 8
Information Security Planning (Define & Document)
ACCELERATE
|
+ Define
Information Security Planning
Process.
(Accelerate will prepare working with Client)
|
Step
9
Executive Management Training
ACCELERATE
|
+ Train
Executive Management for the process for Conducting Management
Review.
(Accelerate will issue certificate)
|
Step 10
Documentation of Data Control
-Development of a consistent
approval process
ACCELERATE
|
+ Define Documentation
and Data Control Process for development
and Management of Documentation Control System.
(Accelerate will develop, works with Client, which include infrastructure
for Documentation Control)
|
Step
11
Level I (Information Security Manual)
ACCELERATE
|
+ Prepare
Information Security Manual.
Document the Company Policy in the manual for compliance to
the standard.
(Accelerate will prepare for Client)
|
Step 12
Level II (Standard Operating Procedures)
ACCELERATE
|
+ Define the process and
the interaction between the processes.
Document each process in compliance with the standard.
(Accelerate will prepare with Client)
|
Step
13
Level III (Work Instructions) Draft
Accelerate & Client
ACCELERATE
|
+ Document
the processes in detail if needed.
(Accelerate will work with Client)
|
Step 14
Level I (Information Security Manual)
Approval/Sign-Off Client
ACCELERATE
|
+ Have Top Management sign
the Information Security Manual.
(Client works with Accelerate)
|
Step
15
Level II (SOP)
Approval/Sign-Off
Client & Accelerate
ACCELERATE
|
+ Have
all procedures approved by process owners and concerned functions.
(Client works with Accelerate)
|
Step 16
Level III (Work Instructions)
Approval/Sign-Off
Client & Accelerate
ACCELERATE
|
+ Have work instruction
signed-off by concerned functions.
(Client works with Accelerate)
|
Step
17
First Internal Audit (by qualified Internal Auditors) Client
& Accelerate
ACCELERATE
|
+ Perform
first Internal Audit. This audit will be conducted by independent
Internal Certified Auditors. (Client will perform with support
from Accelerate)
|
Step 18
Corrective & Preventive Actions, customer, vendor, Information
Security Client
& Accelerate
ACCELERATE
|
+ Do close loop corrective
and preventive action for all issues including issues from Internal
Audit (STEP 17). (Client will perform with Accelerate)
|
Step
19
First Management Review (Performed by Management Rep. & Executive
Mgmt.)
ACCELERATE
|
+ Conduct
Management Review as per Management Review procedures. (Client
works with Accelerate)
|
Step 20
Second Internal Audit (By Qualified Internal Auditors)
Accelerate & Client
ACCELERATE
|
+ Perform second Internal
by Certified Internal Auditors (same as STEP 17). (Client works
with Accelerate)
|
Step
21
Corrective & Preventive Action for 2nd Internal Audit
Accelerate & Client
ACCELERATE
|
+ Perform
close loop corrective and preventive action (Same as STEP 18).
(Client works with Accelerate)
|
Step 22
Second Management Review (By Executive Mgmt.) Client & Accelerate
ACCELERATE
|
+ Perform Management Review
as per Management Review Procedure (same as STEP 19).
(Client works with Accelerate)
|
Step
23
Registrar Pre-Assessment (Optional Activity) Registrar Client
& Accelerate
ACCELERATE
|
+ Registrar
(an independent certifying body) to perform Pre-Assessment (Accelerate will support)
|
Step 24
Corrective & Preventive Actions to registrar finding Accelerate
& Client
ACCELERATE
|
+ Do close loop corrective
actions (same as STEP 18 & 21) (Client works with Accelerate)
|
Step
25
Accelerate Documentation Review
ACCELERATE
|
+
Accelerate Review the complete system for compliance to standard.
|
Step 26
Accelerate Assessment
ACCELERATE
|
+ Accelerate perform audit
for identifying issues to related Implementation.
|
Step
27
Corrective & Preventive Actions
ACCELERATE
|
+ Do
close loop corrective & preventive action for all issues raised
(STEP 25 & 26)(Accelerate works with Client)
|
Step 28
Final Registration Audit
ACCELERATE
|
+ Registrar perform the
final Registration Audit. (Accelerate will support)
|
Step
29
Prepare action plan for registrar finding
ACCELERATE
|
+ Submit
Action Plan & close Registrar Findings.. (Accelerate works with
Client)
|
Step 30
Client Certified
ACCELERATE
|
+ Accelerate Registered
Client in Accelerate Database as "Certified"
|
Step
31
Maintaining Upgrade & Training
ACCELERATE
|
+
Accelerate will provide. (If desired)
|
|
|
