ISMS & ISO 27001

The art of combining compliance & security with business value

How business leaders can stay on top of cyber risks by implementing an Information Security Management System.

Being on top of cyber challenges is instrumental for business leaders and managers to thrive in this era of interconnectivity, technological dependency, and increasingly advanced threats. Effectively managing these challenges is complex and can only be done with a structured approach, which includes all levels of an organisation, usually referred to as a management system.

Management systems exist for a wide variety of topics, and are usually documented in international standards or frameworks. ISO/IEC 27001 is the internationally recognised standard for information security management. It specifies requirements for establishing, maintaining and improving an Information Security Management System (ISMS).

Implementing an ISMS will bring you advantages such as:

  • Manage risk: Ensure a proper understanding of risks by top management, giving them the information they need to get involved and make informed decisions, leading to a reduction in risks.
  • Support the business: Being on top of security and privacy risks enables you to focus on the business, sparking the confidence to move full speed ahead.
  • Operationalise and demonstrate compliance: Demonstrate ongoing compliance with security and privacy laws, regulations or frameworks like the NIS directive, TISAX, GDPR and other international data privacy legislation.

Deloitte has a multidisciplinary team that has experience in designing, implementing, running, continuously improving, and auditing management systems. We are by your side in every stage of your journey, just as we are and have been with multiple other organisations.

Our proven experience brings you:

  • A tailored approach: The context of the organisation determines the approach that is right for you. Together we determine what makes sense for your organisation and what does not.
  • A pragmatic approach: Although there is a certain formalism in management systems, we ensure that what we co-create is pragmatic and brings value.
  • A compliant approach: Regardless of whether you want to pursue certification in the short term or not, our modular approach ensures that each building block is aligned with ISO standards, so that whenever you decide to go for certification, you can face the auditors with confidence.

When properly executed, a management system will be the catalyst for transformation. Let us be the partner to launch you on this exciting journey. Reach out today and we can get in touch to further explain our approach and demonstrate our expertise.

Get in touch with our experts

Zoltán Szöllősi


Zoltán is a Partner responsible for leading the IT Risk & Control and Internal Audit service line at Deloitte Hungary. He has been performing and managing audit and advisory projects for over 19 years...