ISO/IEC 27001:2013 is the International Standard for information security. It is part of the ISO/IEC 27000 family of standards and details the requirements for an information security management system (ISMS). Organisations seeking recognition of their best practice approach to information security can achieve accredited certification against the standard.
Implementation of ISO/IEC 27001 is supported by guidance in ISO/IEC 27002. ISO/IEC 27001 can be implemented by any size or type of organisation. There are currently forty-seven standards in the ISO/IEC 27000 series, all of which can be seen here.
Buy ISO/IEC 27001:2013.
How does ISO/IEC 27001 work?
The main focus of ISO/IEC 27001 is to protect the confidentiality, availability and integrity of information in an organisation. This is done by undertaking a risk assessment of the potential risks that are posed to the organisation’s information, and then defining what needs to be done to prevent these from happening (risk treatment/risk mitigation) by implementing controls.
ISO/IEC 27001 Resources
What are the benefits of ISO/IEC 27001?
The main benefits of ISO/IEC 27001 certification are as follows:
- Comply with legal and regulatory requirements – by implementing ISO/IEC 27001 you can comply with many of the legal and regulatory requirements relating to information security.
- Get a competitive advantage – by becoming certified, and if your competitors do not, you achieve a marketing advantage.
- Lower costs – by preventing incidents before they occur you save money – each disruption to business is costly.
- Improved security awareness throughout the organisation – this means that data breaches, and the fines associated with them, are less likely, lowering the risk of reputational damage.
- Improved structure and focus –if you are an organisation that is growing rapidly information security processes will be confused and haphazard. ISO/IEC 27001 helps to clear up this mess by making you refine and document many of your business-critical processes.
ISO/IEC 27001 Implementation
Implementing an ISMS that meets the requirements of ISO/IEC 27001 can be a challenging task. We at ITSM Shop can help you, no matter how little or how much help you need. We offer our ISO27001 Documentation Toolkit (coming soon) for those who need a little help. Alternatively, we have a team of experienced consultants who can help you no matter what stage you are at of your ISO/IEC 27001 project.
Call us on +44 (0) 3333 445 286 to discuss your ISO27001 project, or email firstname.lastname@example.org
A Concise Introduction to ISO/IEC 27001:2013From: £7.95 Select options
A Practical Guide to Cyber Security for Small Businesses
From: £19.95Select options
Cyber Security (Paperback)£24.99 excluding VAT Add to basket
Information Risk Management: A Practitioner’s Guide (Paperback)£27.99 excluding VAT Add to basket