ISO 27001 Consultant
About ISO 27001
An Information Security Management System (ISMS) provides a systematic approach to managing sensitive information in order to protect it. It encompasses employees, processes and information systems.Till the end of year 2009, more than 12000 organizations worldwide certified against this standard. Its purpose is to protect the confidentiality, integrity and availability of information.
- Systematically examines the organization’s information security risks, taking account of the threats, vulnerabilities and impacts;
- Designs and implements a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that it deems unacceptable; and
- Adopts an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis
The standard defines its ‘process approach’ as “The application of a system of processes within an organization, together with the identification and interactions of these processes, and their management”. It employs the PDCA, Plan-Do-Check-Act model to structure the processes Objective of ISO 27001 Consultant.
The ISO 27001 Standard specifies a set of requirements for the establishment, implementation, monitoring and review, maintenance and improvement of an Information Security Management System (ISMS), which is a management system aimed at managing information security risks.
ReplyDeleteThanks for the sharing information about ISO 27001 standard, it was awesome post. I believe that this information helps in implementation of ISO 27001 Download for information security management system and iso 27001 certification.
ReplyDelete