ISO 27001:2005
How can you keep your information safe over the long-term?
The ISO 27001:2005 Information Security Management Systems (ISMS) standard is concerned throughout with risk. It rests on three core principles, confidentiality, integrity and availability, which cover eleven areas:
- Security policy
- Organization of information security
- Asset management
- Human resources security
- Physical and environmental security
- Communications and operations management
- Access control
- Information systems acquisition, development and maintenance
- Information security incident management
- Business continuity management; and
- Compliance
The first step in achieving ISO 27001:2005 certification (Information Security certification) is to define the scope of your ISMS policy. This is critical to identifying the dangers you face and to deciding on a systematic approach for assessing these risks. A successful ISMS includes standard steps for implementation, operation, review, maintenance and system improvement.
The benefits
- Enhances the credibility of your organization;
- Demonstrates the integrity of your data and systems and your commitment to information security;
- Transforms the organization’s culture both internally and externally;
- Opens up new business opportunities with security-conscious customers and improves employee ethics;
- Strengthens the notion of confidentiality throughout the workplace;
- Allows you to enforce information security and reduce the possible risk of fraud, information loss and disclosure.
How does the certification process work?