Thread: Iso, iso-27001

  1. #1

    Iso, iso-27001

    What is ISO-27001?

  2. #2

    Iso, iso-27001

    Originally Posted by AKASH
    What is ISO-27001?


    ISO 27001

    The goal of ISO 27001:2005 is to provide a common base for developing organizational information security policies and procedures. This standard can be used by any organization, institution or company which uses internal or external computer systems, possesses or depends on information technology to carry out its business activities, or simply wishes to adopt information security.
    ISO 27001, part of a growing family of ISO standards, the ISO 27000 series, is an information security management system (ISMS) standard published in October 2005 by the International Organization for Standardization (ISO).
    Its full name is ISO/IEC 27001:2005 - Information technology -- Security techniques -- Information security management systems -- Requirements, but it is commonly known as "ISO 27001".
    The objective of the standard itself is to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System".
    It is intended to be used in conjunction with ISO 27002, the Code of Practice for Information Security Management, which lists security control objectives and recommends a range of specific security controls. Organizations that implement an ISMS in accordance with the best practice advice in ISO 27002 are likely simultaneously to meet the requirements of ISO 27001, but certification is entirely optional (unless mandated by the organization's stakeholders).
    ISO 27001 is suitable for all those organizations where the protection of information is critical, such as in the IT sector, BPO, finance, health, irrespective of the size or location of the organization. It can be used to assure customers that their information is being protected.
    Three ISO 27000 standards are already available:
    • ISO 27001: The Information Security Management System certification standard;
    • ISO 27002: The code of practice for information security management with advice on a broad range of controls;
    • ISO 27006: a guide to the ISMS certification process for certification bodies.

  3. #3

    Re:

    Listed below are the top three benefits of ISO 27001:

    -> It provides security policy.
    -> Business continuity management.
    -> It enhances security awareness within your organisation.
