In today's growing business world, it is very important to secure every bit of an organisation's information. To that end, it is vital to ensure the confidentiality, integrity, and availability of both vital corporate information and customer information.
An Information Security Management System (ISMS) is a systematic approach to managing sensitive company information so that it remains secure. It encompasses people, processes and IT systems.
ISO 27001 is a specification for the "Management of Information Security". The ISO 27001 standard was published in October 2005, essentially replacing the old BS7799-2 standard. It is the specification for an ISMS, an Information Security Management System.
ISO/IEC 27001:2005 (formerly BS 7799-2:2002) establishes best practices to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System".
ISO 27001 contains a number of control objectives and controls and these include:
- Security policy
- Organizational security
- Asset classification and control
- Personnel security
- Physical and environmental security
- Communications and operations management
- Access control
- System development and maintenance
- Business continuity management
The benefits of ISO 27001 include:
- Reassures customers, employees, trading partners and stakeholders that your management information and systems are secure
- Management understanding of the value of organisational information
- Business partner confidence, satisfaction and trust
- Organisational effectiveness of communicating security requirements
Niall offers a customized training program on ISO 27001:2005 for:
- ISO 27001 - Implementation and documentation requirements
- ISO 27001 - Internal Auditor training