[Chart: Compliance Status - By Section. Horizontal axis: sections A.5 to A.18; vertical axis: 0% to 100%. Labelled control areas: Information Security Policies, Asset management, Access control, Cryptography, Operations security, Communications security, Supplier relationships.]
ISO27001:2013 Assessment Status
info@halkynconsulting.co.uk
12/11/2023
Overview
This tool is designed to assist a skilled and experienced professional in ensuring that the relevant control areas of ISO/IEC 27001:2013 have been addressed.
This tool does not constitute a valid assessment and the use of this tool does not confer ISO/IEC 27001:2013 certification. The findings here must be confirmed as part of a formal audit / assessment visit.
Pre-assessment
1. Determine assessment scope. Work with the relevant business stakeholders to determine what the appropriate scope of the assessment is.
Assessment
4. Review control areas. Work through the tool kit, reviewing the evidence for each control and determining how compliant it is with the requirements. The toolkit allows for this to be done in 5% increments.
5. Determine level of compliance. On completion of the review, the tool kit will give you an overall level of compliance by control area and by individual controls.
Post Assessment
6. Record areas of weakness. Make a note of any areas where compliance is unsuitable (normally less than 90%).
7. Determine improvement plan. For each area of weakness, work with the relevant business stakeholders to determine how the control can be improved.
Page 3 of 22 12/11/2023
www.halkynconsulting.co.uk
ISO 27001:2013 Halkyn Consulting Ltd
Compliance Checklist
A.9.4.5 Access control to program source code Is access to the source code protected? 0%
A.10 Cryptography
A.10.1 Cryptographic controls
A.10.1.1 Policy on the use of cryptographic controls Is there a policy on the use of cryptographic controls? 0%
A.10.1.2 Key management Is there a policy governing the whole lifecycle of cryptographic keys? 0%
A.11 Physical and environmental security
A.11.1 Secure areas
A.11.2 Equipment
A.12.3 Backup
A.13.1 Network security management
A.13.1.1 Network controls Is there a network management process in place? 0%
A.14.2.2 System change control procedures Is there a formal change control process? 0%
A.14.2.3 Technical review of applications after operating platform changes Is there a process to ensure a technical review is carried out when operating platforms are changed? 0%
A.17.1.3 Verify, review and evaluate information security continuity Are continuity plans validated and verified at regular intervals? 0%
A.17.2 Redundancies
A.17.2.1 Availability of information processing facilities Do information processing facilities have sufficient redundancy to meet the organisation's availability requirements? 0%
A.18 Compliance
A.18.1 Compliance with legal and contractual requirements
ISO27001:2013 Compliance Status Report
info@halkynconsulting.co.uk
Overall Compliance 0%