CONSULTANCY SERVICES

General Management System Standards

ISO/IEC 27001

Introduction

A key concern for today's companies, which increasingly rely on information systems, is how to manage information and see to its protection. The ISO/IEC 27001 Information Security Management System (ISMS) standard addresses this very concern and covers the preservation of confidentiality and ensuring the integrity and availability of information. The ISO/IEC 27001 standard will help to address the all-too-common and often devastating business impacts such as glitches due to viruses, loss of information, improper disclosure and inability to retrieve information.

Benefits of Implementation

ISO/IEC 27001 provides uncountable benefits, both tangible and intangible. A typical organisation would enjoy the following:
Frequently Asked Questions (FAQs)

Is this an industry-specific standard? Can the Information Technology (IT) Department at my organisation implement this standard?

This standard is not an industry-specific standard per se, though most who implement it tend to be organisations in the business of information security or managing information. An IT or an Information Security (IS) Department in a manufacturing facility or a bank may find it useful as well, to assure others that it has a system in place for information security.

Does the standard just apply to IT?

Information security is not just IT security. Information may exist in many other forms: written, printed, verbalised or in images. The underlying principle of this standard is that information in any form, by whichever means it is stored, shared or used, must always be appropriately protected. The ISMS assists organisations to carry out the day-to-day management of information in a systematic way and to improve on the protection of this very crucial resource in all organisations, i.e. information.