ISO 27001 - Information Security Management System
ISO 27001 is the only auditable international standard that defines the requirements of an information security management system (ISMS).
An ISMS is a set of policies, procedures, processes and systems that manage information risks, such as cyber-attacks, hacks, data leaks, and theft of financial information or intellectual property. ISO 27001 is the most popular standard for information security.
ISO 27000 provides an overview of information security management systems. As with most ISO standards, the ISO 27000 family covers more than a dozen standards, all of which will guide you through the various aspects of an ISMS implementation.
Elements included in the ISO 27001 standard:
* A defined risk management process
* Various classifications of information
* Organizational structures
* Access controls
* Information security policies & procedures
* Technical safeguards
* Monitoring & reporting guidelines
In conclusion, leadership's commitment to ISO 27001 certification shows its intent to protect the organization's data assets from loss or unauthorized access, and certification is a recognized means of demonstrating that commitment to information security management.
Contact the SAQI team to be pointed to the most applicable SAQI partner. SAQI has various partners that can assist you with your implementation of an ISO 27001 certified system.