An ISMS is needed wherever inappropriate use, disposal or disclosure of organizational information may negatively impact on the privacy of customers or other stakeholders, diminish the standing of the organization or its stakeholders, reveal critical competitor or trading partner information or cause liability under regulation or legislation.
As the availability, volume and interdependencies of information within and between different organizations expands, so does the risk of the above occurring. That’s why demand for a certified ISMS is no longer confined to information technology or records-keeping organizations: it can benefit any industry sector that is subject to risk.
No comments:
Post a Comment