ISO 27001 - Information Security Management Systems
Information security and data protection are of supreme importance to organisations worldwide that must safeguard both client and company data against potential threats. By implementing a robust information security management system, your organisation can show that the quality, safety, service and product reliability it depends on are protected to a consistently high standard.
ISO 27001 is the internationally recognised standard for managing risks to the security of the information you hold. Certification to ISO 27001 allows you to demonstrate to your clients and other stakeholders that you are managing the security of the information in your possession. The ISO 27001 Information Security Management System (ISMS) standard provides a framework of information security management best practice that helps organisations:
Protect clients and employee information
Manage risks to information security effectively
Achieve compliance
Protect the company's brand image
What is ISO 27001?
ISO 27001 is the international best-practice standard for information security management. ISO/IEC 27001:2013, the version current when this page was written (it has since been superseded by ISO/IEC 27001:2022), provides a set of standardised requirements for an information security management system (ISMS). ISO 27001 certification is suitable for any organisation, large or small, in any sector. The standard is especially relevant where the protection of information is critical, such as in the banking, financial, health, public and IT sectors. It is also highly applicable to organisations that manage high volumes of data or hold information on behalf of other organisations, such as data centres and IT outsourcing companies.
ISO 27001 Summary
The control catalogue in Annex A of the 2005 edition of ISO 27001 was organised into eleven control areas containing one hundred and thirty-three controls in total. These areas are: Security Policy; Organisation of Information Security; Asset Management; Human Resources Security; Physical & Environmental Security; Communications & Operations Management; Access Control; Information Systems Acquisition, Development and Maintenance; Information Security Incident Management; Business Continuity Management; and Compliance. Note that the 2013 edition reorganised Annex A into fourteen areas with one hundred and fourteen controls, so the list above should be read as an overview of the topics the standard covers rather than as the current control set. In every edition, Annex A controls are selected and justified through the organisation's risk assessment and recorded in its Statement of Applicability; the mandatory ISMS requirements themselves sit in the main clauses of the standard.
Benefits of ISO 27001
Protecting your organisation's information is critical to its successful management and smooth operation. Achieving ISO/IEC 27001 information security management system certification will help your organisation manage and protect its valuable data and information assets.
By achieving certification to ISO 27001 your organisation will be able to reap numerous benefits such as:
Keeps confidential information secure
Provides customers and stakeholders with confidence in how you manage risk
Allows for the secure exchange of information
Helps you ensure you are meeting your legal obligations
Helps you comply with other regulations (e.g. SOX)
Provides you with a competitive advantage
Enhances customer satisfaction, which improves client retention
Gives consistency in the delivery of your service or product
Manages and minimises risk exposure
Builds a culture of security
Protects the company, its assets, shareholders and directors
ISO 27001 Certification process
Certification to ISO 27001 is a two stage process.
ISO 27001 Stage 1 (Pre-assessment)
ISO 27001 Stage 2 (Certification)
ISO 27001 Stage 1 is carried out to determine whether your ISMS meets the minimum requirements of the standard and is ready to be audited: the auditor reviews the scope, the risk assessment and treatment, the Statement of Applicability and the documented policies and procedures.
ISO 27001 Stage 2 (once Stage 1 is complete and you have made any necessary changes) is an audit of the effectiveness of the system in operation, in which the auditor collects evidence that the controls you have declared are actually implemented and working. Both stages must be completed to become certified.
An ISO 27001 certificate is valid for 3 years. To maintain certification, a company must undergo annual surveillance audits during that period, followed by a recertification audit before the certificate expires.
After each stage, the Lead Auditor will prepare and deliver a comprehensive written audit report detailing the findings of the assessment. On successful completion of Stages 1 and 2, the Lead Auditor will forward the detailed report, together with a recommendation for certification, to our CAAC Certification Manager. The Certification Manager will review your file to ensure that the recommendation has been made in an impartial, fair and competent manner, and the company will then be informed of its status.
Once your organisation has passed both stages, you will be officially certified to ISO 27001.
Contact Us
For more information about this service and about CAAC, a certified inspection body and consultancy, contact us directly by email at [email protected]