- Safe storage
- Secure back-up
- Physical protection
- Restricted access
- Effective management systems.
What does ISO/IEC 27001 do?
ISO/IEC 27001 is designed to help organizations ensure a high level of protection and security for their valuable information assets.
The broad content of ISO/IEC 27001 is similar to the old British Standard, B.S. 17799. It utilizes the PDCA cycle – ‘Plan-Do-Check-Act’. It implements principles established by the Organization for Economic Cooperation and Development (OECD) governing security of information and network systems.
ISO/IEC 27001 is harmonized with other management standards, such as ISO 9001 and ISO 14001.
What information systems are covered?
Information in a diverse range of forms is covered, including:
- Electronic data
- Electronic software
- Printed documents
- Handwritten notes
- Photographs and graphics
- Video and audio recordings
- Telephone conversations
- Text messages
- Emails
- Faxes.
ISO/IEC 27001 encompasses all these forms of communicating and storing information.
The benefits of ISO/IEC 27001
In addition to providing the reassurance that flows from putting in place high-quality security management systems, ISO/IEC 27001 also enhances the credibility and reputation of certified organizations.
Compliance with ISO/IEC 27001 sends the message that your organization is professional, reliable and dependable. Some businesses insist on dealing only with organizations which can confirm, via certification, that their information security systems are robust. ISO/IEC 27001 is now the most authoritative information security management standard internationally.
For all shapes and sizes
For some businesses, such as banks and telecommunications companies, ISO/IEC 27001 is indispensable. However, almost all businesses need secure information systems, no matter what their sector or size.