ISO 27001 Information Security Management

What is it?
ISO 27001 is an Information Security Management System which adopts a business risk approach.

Achieving ISO 27001 accreditation demonstrates to your suppliers and clients a commitment to Information Security through an audited management system, risk assessment and controls.

More Than Just Documents
An overall culture of Information Security needs to be adopted by your organisation and reflected in your operations.

No management system will function correctly unless all those involved are fully aware of their responsibilities within it. Therefore it is important that training is provided for staff and that the system is fully communicated and available to all staff.

The Advantages
A certification from and external body demonstrates that the requirements of the ISO 27001 standard are in place and functioning.

It also:

• Reassures clients of your credibility.
• Reduced security incidents lead to cost savings.
• More tender documents are accepting ISO27001 accreditation as evidence of Information security compliance.
• Helps to ensure compliance with relevant laws.

How We Can Help
Our consultants will guide you through the process of establishing a management system, including documentation and risk assessments.

We will support you with any queries, conduct internal audits and arrange for the system to be audited by a UKAS accredited assessment body.

See Also:
The Data Protection Act
OHSAS 18001 - Health and Safety
ISO 9001 - Quality Management
ISO 14001 Environmental Management

© Copyright Associate Enterprises Limited t/a Assent Risk Management. [ Site Map | Valid XHTML 1.0 | Valid CSS ]