Despite being an intangible asset, information is just as valuable as other key business property and must be constantly provided with proper safeguards. Comprehensive information security management can ensure that business data are safe from various kinds of threats while minimizing losses from information security attacks, allowing business processes to work normally without disruption.

The ISO 27001 Information Security Management System (ISMS) Consultation offered by IISI is targeted at helping clients enhance their ISMS processes. Services include: implementation of ISMS, certification consultation, e-mail and social engineering attacks and defense exercises, network server vulnerability scanning, as well as ISMS planning and implementation.

---

Consultant Team

IISI has a professional team of information security consultants that has integrated both practical management and technical applications. The team of consultants is able to help organizations implementation and maintain ISMS management practices in an effective manner. The team of ISMS consultants is highly experienced in practical consultation services and is supported by a strong background in ISMS planning and network administration. In addition to integrating system management and data security network technologies, the team is also capable of handling the introduction and integration of two or more ISMS and ITSM systems to meet current and future business requirements of having multiple and integrated management systems.

---

Services

• ISO 27001 ISMS Consultation
  IISI has years of practical experience in implementing and maintaining ISO 27001 systems. The experienced team of consultants is able to help clients establish, implement, operate, monitor, review, maintain, and improve integrated ISMS.
• CSA STAR Consultation
  IISI offers consultation for cloud information security certifications based upon ISO 27001 as well as the Cloud Security Alliance (CSA) Cloud Control Matrix, helping cloud service providers implementing cloud security management and meet the certification requirements needed.
• Personal Information Management System Consultation
  IISI references its extensive experiences in introducing BS10012 Personal Information Management Systems (PIMS), Taiwan Personal Information Protection & Administration System (TPIPAS), and ISO 27001 ISMS, and adopts the development model of Plan-Do-Check-Act (PDCA) as well as other know-how to help clients establish PIMS capable of satisfying the requirements of the "Personal Information Protection Act" while integrating their current information security management mechanisms or ISMS management systems.
• Planning and implementation of ISMS training
  IISI offers on-site corporate classes as well as periodic ISMS training courses for the following areas:
  • Introduction to ISMS
  • Social engineering concepts
  • Information security management concepts
  • Applied information security audits
  • Maintenance and operations team training

---

Features

• The IT security service team has the expertise manpower with technology capability and management capability to provide comprehensive services.
• Use genuine authorized and fully featured IT security testing tool to provide IT security testing services.
• Quickly explore vulnerabilities through IT diagnosis, and sign an non-disclosure agreement to ensue the confidentiality promise for customer critical information.
• Provide detailed IT security diagnosis and remedy recommendation report.

---

Clients

Office of the President; Executive Yuan; Environmental Protection Administration, Executive Yuan; Overseas Community Affairs Council, Executive Yuan; Council of Agriculture, Executive Yuan; Directorate-General of Personnel Administration, Executive Yuan; Air Navigation & Weather Services, Civil Aeronautics Association; Soil and Water Conservation Bureau, Council of Agriculture; Ministry of Economic Affairs; Public Construction Commission, Executive Yuan; National Archives Administration; Bureau of Labor Insurance, Executive Yuan; Information Management Center, New Taipei City Government; ICT Office of the Institute for Information Industry; National Center for High-performance Computing of National Applied Research Laboratories; Taiwan Futures Exchange; The Taiwan Clearing House; Taipei Exchange; Compal Communications, Inc.; Chunghwa Telecom Security Operations Center; and Fiscal Information Agency.

Taiwan Adventist Hospital; Mennonite Christian Hospital; Sin-Lau Hospital; National Taiwan University Hospital Yun-Lin Branch; Yuan's General Hospital; and Chung Shan Medical University Hospital.

Computer Centre Ltd. (CCL) of St. Lucia; Central Information Technology Office (CITO) of Belize; and Information Technology Services Division (ITSD) of St. Vincent and the Grenadines.

---