The necessary control objectives are not only implemented but also operated, monitored, controlled, maintained and improved.
The standard requires the company's IT operations to maintain the following qualities:
- Confidentiality: information for identified, authorized persons
- Integrity: information, methods and processes are precise and permanent
- Availability: systems and infrastructure are stable and available round-the-clock
That is really interesting!
ReplyDeleteISO 27001 Certification
It is really very helpful for us and I have gathered some important information from this blog.
ReplyDeleteISO 27001