Information Security - ISO 27001

ISO 27001:2013

ISO/IEC 27001:2013 (ISO 27001) is the international standard that provides the specification for a best-practice information security management system (ISMS).

It is one of the most popular information security standards in the world, with certifications growing by more than 450% in the past ten years.

  • An organisation can implement an effective ISO 27001 Information Security Management System (ISMS) with very little investment.
  • Additionally, it can be implemented fairly quickly and can be customised to an organisation’s business missions so that it can be used as a strategic asset. This, in turn, enables an organisation to be more competitive and to reduce the overall cost of delivering services to customers.

IMPLEMENT SECURITY CONTROLS

  1. Security Policy and Procedure
  2. Strong Password and/or Biometric Authentication
  3. Strong Encryption
  4. Transfer Risk
  5. Awareness Training

Main Benefits

  • Confidentiality – Limiting information access and disclosure to authorised users only and preventing access or disclosure to unauthorised users.
  • Integrity – Maintaining and assuring the accuracy and consistency of data over its entire lifecycle, which is a critical aspect of the design implementation.
  • Availability – Availability of information resources.