Wednesday, February 11, 2009

Top 5 Facts about the ISO 27001 Standard

Here are some important facts about the ISO 27001 standard which concerned businesses should take note of if they want to remain competitive.
1. The ISO 27001 version, which was published officially in 2005, is only the first among the ISO 27000 series but it is by far the most significant considering that it defined the system.
2. ISO 27001 has been harmonized so that it complements and is compatible with ISO 17799 (also known as ISO 27002), ISO 14000 and ISO 9000. However, each of them has its own function.
3. Organizations or establishments that are already compliant with the provisions of ISO 27002 can opt for certification, although the fact that they have been certified under ISO 27002 means they can meet the provisions of the present standard. Those seeking certification for ISO 27001 can contact the various certification bodies that have been accredited.
4. ISO 27001 is the first of a series and organizations can expect a long list from the ISO 27000 series including the following:
· ISO 27003 which contains the new guide to the implementation of the ISMS
· ISO 27004 which contains the new standards set for the measurement of information security as well as metrics
· ISO 27005 which contains a list of the suggested standard for managing risks
· ISO 27006 which contains the guidelines to be followed for the registration and certification process
· ISO 27007 which contains the guidelines to be followed in the audit of systems for information security management
· ISO 27799 which contains the guidelines to be followed by the health sector when complying with ISO 27001
5. ISO 27001 has been translated and published in different languages but the information contained in all the versions should be the same as the original version.
