The ISO 27002 Information Security Controls Gap Analysis Tool will help your organization identify the extent to which its control stance meets the guidance in the Standard.
This tool is designed to support your organization in its initial project planning of the ISMS (information security management system) security controls, and quickly and easily map your current information security measures against ISO/IEC 27002:2022 requirements. The control categories are on different tabs within the workbook, so you can clearly establish areas for development and plan and prioritize your project effectively.
There is also an executive summary tab with graphs and tables that automatically analyze the inputted responses, showing the number of questions completed, how many controls have been fully implemented, and implementation progress for each control category.
The tool is designed to work in any Microsoft environment; it does not need to be installed like software, and does not depend on complex databases. It is reliant on human involvement.
The tool is not designed for conducting a detailed gap analysis or audit, which require granular compliance assessment. If you require specialist help in this area, please contact us.
For more information read our FAQ here.