Publisher's Synopsis
This tool has a very specific, high-level purpose in any ISMS project, which is to quickly and clearly identify the controls and control areas in which an organisation does not conform to the requirements of the standard. It is designed to help prioritise work areas in initial project planning and for final, pre-certification audit review of the ISMS. It is not designed to carry out a detailed gap analysis, as this requires a far more granular approach to assessing an organisation's current information security control structure. This tool is designed to work in any Microsoft environment; it does not need to be installed like software, and it does not depend on complex databases. It is reliant on human involvement.
