ISO 27001 Information Security Management (ISMS) certification
What is ISO 27001?
Your organisation almost certainly stores and handles information and data, even if it’s just phone numbers in a notebook. Once you create a record, you have an obligation to protect its security. Failure to do so leaves you vulnerable to breaches and even prosecution.
ISO/IEC 27001:2013 (normally just known as ISO 27001) is the international standard for Information Security Management Systems (ISMS) and helps you manage this challenge.
It’s not just about cyber security. It allows you to take control of the security of information in whatever form it’s held and however it’s transmitted – on paper, electronically, by post or email, shown on films or even spoken in conversation. Whatever form it takes, and whatever the means by which it is stored and shared, the standard helps to make sure it’s always appropriately protected to assist with the preservation of:
Confidentiality – ensuring that access to information is appropriately authorised
Integrity – safeguarding the accuracy and completeness of information and processing methods
Availability – ensuring authorised users have access to information when required