ISO/IEC 27001 - Information Security Management
What is ISO 27001?
ISO/IEC 27001 certification, part of the growing ISO/IEC 27000 family of standards, is an Information Security Management System (ISMS) standard published in October 2013 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its full name is ISO/IEC 27001:2013 – Information technology — Security techniques — Information security management systems (ISMS) — Requirements but it is commonly known as “ISO 27001”. An ISMS (Information security management system) is a system to manage a company’s information security.
Benefits of a Information Security Management :
- demonstrated due diligence by meeting regulatory and customer requirements
- meeting international best practice for security
- meeting tender requirements and stand out from the competition
- improved reputation and enhanced company profile
- reduced risk of fraud, information loss and disclosure
- all forms of information, ensuring confidentiality, integrity and availability of data secured
- easily integrated with other management systems.