What is ISO 27001?
ISO 27001:2005, the current version of the standard, provides a set of standardised requirements for an information security management system (ISMS).
The standard is especially suitable where the protection of information is critical, such as in the banking, financial, health, public and IT sectors.
The standard is also well suited to organisations that manage high volumes of data, or that manage information on behalf of other organisations, such as data centres and IT outsourcing companies.
ISO 27001 Summary
ISO 27001 contains eleven sections with one hundred and thirty-three requirements in total.
The sections are: Security Policy; Organisation of Information Security; Asset Management; Human Resources Security; Physical & Environmental Security; Communications & Operations Management; Access Control; Information Systems Acquisition, Development and Maintenance; Information Security Incident Management; Business Continuity.
ICB and ISO 27001
Certification to ISO 27001 allows ICB to prove to our members and other stakeholders that we are managing the security of information we hold.
The ISO 27001 Information Security Management System (ISMS) standard that we have recently implemented provides a framework for Information Security Management best practice that helps our organisation:
- Protect member and employee information.
- Manage risks to information security effectively.
- Achieve compliance.
- Protect the organisation's brand image.
Information security and data protection are of supreme importance to organisations globally that are safeguarding both their customers' and company data against potential threats.
We have integrated a robust information security management system in our organisation, which can ensure that the quality, safety, service and reliability of our data management are safeguarded to the highest level.
Certification Europe: ICB's certification body of choice
Certification Europe is an INAB accredited certification body.
This means that they have the authority, expertise and know-how to assess organisations against the requirements of ISO 27001 and award those which have successfully met the requirements of the Information Security standard with a certificate which is recognised worldwide by any level of organisation.