ISO 27001 information security management system

IMSM will help you to install a working ISMS (Information Security Management System), pass Audit and be Registered and Secure



The Users


Security Starts with the users

In October 2005 the new International Standard ISO 27001 for Information Security was launched by the ISO Organization in Geneva (www.iso.org). ISO is the gold standard of management systems, subscribed to by 76 countries, the best-known standard being ISO 9001:2000 quality.


The new standard is the result of thousands of submissions from IT security professionals worldwide and draws on their combined experience of actual information security issues and incidents. It provides a solid framework for exercising control as opposed to a myriad of unconnected ad-hoc solutions.


IMSM, with 12 years' experience of installing ISO systems as its sole activity, has ensured that its IRCA-qualified Assessors are ready to help clients install ISO 27001 worldwide, with fast-track registration using a practical, red-tape-free, industry-specific system and a 100% guarantee of registration for a fixed fee. The independent, confidential external audit and registration is the proof, and the difference between ISO and many other standards.


The lesson from the standard is that Information Security starts with a professional risk assessment of the Information Security Assets and moves on to company policy and what IT professionals and management boards want to do about it in their organization. Compliance is also an issue, and the information security aspects of Sarbanes-Oxley, HIPAA, Turnbull, etc. are all covered by ISO 27001. The implementation of procedures to control the risks within levels acceptable to the board starts with the users and with access and usage issues. Once the objectives are clear, it moves on to the hardware, software and setup, mostly using existing facilities but with the option to improve using some of the many products available, depending on the agreed policy.

The ISO does not force you into a prescriptive straitjacket but rather asks you to make an objective assessment of the risks and make your own decisions about what you want to do as a sensible balanced policy.


The net result is maximum system availability and protection from failure, business continuity protection, and security for your customer's information, particularly when it is processed or accessed by your staff. Many companies and public sector organizations are now asking their suppliers to be registered to ISO 27001. Protection of your (and your shareholders') intellectual property from theft, loss or damage, and meeting corporate governance and legal requirements, are also secured.


Registration to ISO 27001 tells everyone (and particularly customers, regulators and shareholders) you are running a secure, reliable system and are unlikely to let them down. As such it is a differentiator between your organization and others and a valuable aid to winning new business, protecting existing business and maintaining shareholder value.


Further information from Alex Cox, IMSM, The Gig House, Oxford Street, Malmesbury, Wiltshire, UK. SN16 9AX. Tel: 0044 1666 826065

