ISMS Consultancy

For many companies, the information possessed is an asset that poses equal importance and requires equal protection as other commercial assets. While technological measures involving security products or security mechanisms play an undeniable role, we cannot talk about an information management system that is accepted and implemented across the entire organization unless a risk-based approach is taken to information security. Information Security Management System is a management system that is erected on security controls identified through risk management and constant improvement of these controls.

Lostar puts into life all of the ISMS processes hand in hand with you, and readies your company for the ISO/IEC 27001 certification audit. This service begins with the development of the scope document and ends upon receipt of the certificate by the company. The human factor is not ignored while ensuring information security. Consultants on the Lostar payroll meets all your ISMS needs on a broad range from employee awareness enhancement training to use of all necessary tools. ISO/IEC 27001, the International Information Security Management Standard, and Plan-Do-Control-Act methodology are our mainstays in the establishment of the ISMS.


  • Prevents unnecessary investments in relation to information security activities
  • Maximizes returns on investments by providing priority solutions to priority issues
  • Helps achieve the desired targets (establishment of ISMS, ISO 27001 certification, ISMS management and improvement) in the shortest time possible

How We Work

Analysis, planning, implementation and improvement works necessary for establishing the ISMS are carried out. Necessary know-how and experience support are provided in these aspects.

  • Determination of scope and identification of Information Security Strategies
  • Deciding the Risk Analysis method
  • Analysis of the processes covered in the scope
  • Selection of assets, threats and vulnerabilities, identification and listing of risks
  • Determination and evaluation of control options
  • Launching the Information Security Management System


  • Establishment and management of a self-running Information Security Management System in the enterprise
  • Constant improvement of ISMS through a control system set up at the right points
  • Obtaining the targeted certification

How we can help you with ISO 27001 compliance and Information Security Management System?