The performance and mastery of the various operational processes (including information security) are not simply a sum of the perceptions of the various stakeholders. A systematic approach, rigorous, analytical methodologies, transverse diagnostics, and a comparison with the industry's best practices, are all essential to ensure the best decision-making processes for the implementation of critical changes.
  Quality Management System (ISO 9001)
A company with identical production activities (including administrative functions), performed by several teams, cannot function based on 'general guidelines'. The old adage 'If it isn't monitored, it won't work' is all too often proven true. In reality, the most effective designs do not always work on the plant floor. Comfort and force of habit are 2 of the most typical impediments to positive change...  

In order to realise the desired improvements, a quality control system, based on audits (internal and/or external) is an essential response to detect process non-conformities. The advantage of such a system is that it offers an unbiased alternative to the more traditional, hierarchical approach, in order to ensure the identification and resolution of potential bottlenecks and operational weaknesses.  

Gate-16 has helped 4 large organisations (500+ employees) obtain certification. We will use that experience to assist you to define and attain your own certification goals via internal and external auditing.

  Information Security Management System (ISO 27001)
Managing information-related risks requires a good methodology. This includes creating an inventory of information assets, evaluating and profiting from those assets, identifying and evaluating vulnerabilities, and threats, and their associated probabilities and potential impacts. The results are used to prioritise the risks and to implement appropriate security measures.  In theory this is very logical, but, in practice, every organisation is confronted with huge amounts of information accessed by large numbers of people, each with their own, particular understanding of the inherent risks. These diverse perceptions must be aligned in order to define a coherent solution that is neither too complex, nor too simplistic.

For the purpose of this exercise, Gate-16 can provide a tool, and close assistance, to quickly obtain your objectives: a coherent set of effective security measures.