ISO 27001
ISO 27001 is the new standard that describes the processes and systems an organisation uses to secure its information.
For the purposes of ISO 27001, information security is characterised as the preservation of:
• Confidentiality: ensuring that information is accessible to those with authorised access
• Integrity: safeguarding the accuracy and completeness of information and processing methods
• Availability: ensuring that authorised users have access to information and associated assets when required
How does this affect your business?
Information is your company’s most important asset – and requires suitable protection. This is particularly true for organisations with a duty of care to protect the confidentiality of information they hold, where ISO 27001 may be just one of several conformance issues to be addressed.
How we can help
In addition to physical security, we can advise on the critical factors necessary to protect your information and comply with the ISO 27001 standard, for example:
• Security policies that reflect business objectives
• An approach to implementing security that is consistent with the organisational culture
• Visible support and commitment from management
• A good understanding of the security requirements and risk management
• Effective communication of security issues to all managers and employees
• Distribution of guidance on information security policy and standards to all employees and contractors
• Appropriate training and education
• A balanced system of measurement