ISO 27001 is a globally acknowledged standard defining the requirements for an Information Security Management System (ISMS). The standard considers Information Security as a combination of people, process, and technology.
The standard is globally acknowedged, comprehensive and widely acknowledged. It is also easily integrated with other standards of the ISO family, particularly with ISO 9001. ISO 20000, the service delivery standard, is easily plugged on.
That way ISO 27001 enables companies to measure the risk to their information and ensure the selection of adequate and proportionate security controls that protect information assets, thus enhancing confidence of the organization's stakeholders. At the same time ISO 27001 streamlines business processes and facilitates implementing other standards.
No comments:
Post a Comment