ISO/IEC 27001

Information Security Management

ISO/IEC 27001

Information is a valuable asset that can make or break your business. When properly managed it allows you to operate with confidence. Information security management gives you the freedom to grow, innovate and broaden your customer-base in the knowledge that all your confidential information will remain that way.

What are the benefits of ISO/IEC 27001 Information Security Management?

Identify risks and put controls in place to manage or reduce them.
Flexibility to adapt controls to all or selected areas of your business.
Gain stakeholder and customer trust that their data is protected.
Demonstrate compliance and gain status as preferred supplier
Meet more tender expectations by demonstrating compliance.

Information security can be characterised as the preservation of:

Confidentiality

ensuring that access to information is appropriately authorised

Integrity

safeguarding the accuracy and completeness of information and processing methods

Availability

ensuring that authorised users have access to information when they need it

ISO 27001 contains a number of control objectives and controls. These include:

Security policy
Organisational security
Asset classification and control
Personnel security
Physical and environmental security
Communications and operations management
Access control
System development and maintenance
Business continuity management
Compliance