ISO27K1 Toolkit
The Cyber world is constantly being hit by the Cyber attacks and threats to deal with, every organization spends allot of resources to stay safe from such Cyber attacks that is why all the companies start from very basic steps is to have security audit of there organization so that they can reduce t
2025-06-28 16:28:25 - Adil Khan
ISO27K1 Toolkit
Project Area of Specialization Cyber SecurityProject SummaryThe Cyber world is constantly being hit by the Cyber attacks and threats to deal with, every organization spends allot of resources to stay safe from such Cyber attacks that is why all the companies start from very basic steps is to have security audit of there organization so that they can reduce the level of Cyber attacks. A good number of threats can be filtered by the security audit.
A security audit is the evaluation of the the security posture of the organization against an audit checklist of the standards like ISO27001 etc. A Security Audit covers the areas like
- Physical components
- Applications and Software
- Network Vulnerabilities
- And also the human dimension
The security auditors use the automated tools for the audit process as there are allot of security audit tools present in the market that automate the process of auditing but none of them is considered to be the complete package for security audit, so the security auditors have to use more then one tool to perform the audit for the organizations and sometimes it becomes very difficult to arrange or handle the expenses of more then 1 tool. We have performed a gap analysis of the most tools used for security auditing and reached the conclusion that almost each tool lacks the features that are required for a comprehensive security audit. We are making a toolkit that would have all the necessary features for a comprehensive security audit.
ISO27k1 Toolkit will be a web based toolkit that will fully automated the process of security audit against the standard ISO27001. The toolkit will include the main features like “Compliance management, Dashboard, Exceptions management, Multi-year planing, Risk assessment, alerts/notifications, audit planing, task management, Asset tracking, Automated scans, Inventory management and scheduling.
Project ObjectivesThe main objectives of the project are:
- To create an automated security audit tool,
- To have all the necessary features in one package,
- To reduce human effort in security audit,
- To reduce human errors security audit,
- To increase efficiency of security audits.
The implementation methods that we will use are as follows:
- we will first consider the software development life cycle
- After that we will go for back end development using python and SQL for database of the application
- Then we would go for HTML, CSS for the frond end
- Once we have completed the prototype then we will test it under the controlled environment
- When the positive results will be received then we will start developing the actual application
- when the final version is made we will spend almost 1 week to make it more smooth and efficient so that users don't face any problems.
Benefits that this toolkit would made that it will
- Improve security posture of organization,
- Increase security audit efficiency,
- Reduce human effort,
- Reduce human error
The final deliverables will be a web application for all platforms that will run on windows, Linux etc. The user will need just a system that supports html and has 4 GB of RAM then we can proceed with that system
Final Deliverable of the Project Software SystemCore Industry ITOther Industries Security Core Technology OthersOther TechnologiesSustainable Development Goals Gender Equality, Decent Work and Economic Growth, Partnerships to achieve the GoalRequired Resources| Item Name | Type | No. of Units | Per Unit Cost (in Rs) | Total (in Rs) |
|---|---|---|---|---|
| Total in (Rs) | 70000 | |||
| standard server | Equipment | 1 | 70000 | 70000 |