Does your organisation comply with ISO 27001, the international standard for an Information Security Management System (ISMS)?
With the increasing sophistication of cyber-attacks, and security vulnerabilities growing from year to year, a globally recognised information security standard is becoming a necessity rather than a luxury. Information is an asset and hence needs to be protected from security threats. The objective of ISO 27001 is not only to align to the security standard but also to establish a discipline of IT operations by providing a benchmark for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an ISMS.
ISO 27001 contains 11 domains that cover the following key areas:
- Security policy – management direction.
- Organisation of information security – governance of information security.
- Asset management – inventory and classification of information assets.
- Human resources security – security aspects for employees joining, moving and leaving an organisation.
- Physical and environmental security – protection of the computer facilities.
- Communications and operations management – management of technical security controls in systems and networks.
- Access control – restriction of access rights to networks, systems, applications, functions and data.
- Information systems acquisition, development and maintenance – building security into applications.
- Information security incident management – anticipating and responding appropriately to information security breaches.
- Business continuity management – protecting, maintaining and recovering business-critical processes and systems.
- Compliance – ensuring conformance with information security policies, standards, laws and regulations.
At Stickman we have a team of qualified ISO 27001 consultants who assist companies through all the stages of achieving the ISO 27001 standard and organise for independent consultants to review and provide a full independent audit and certification.
To get a better understanding, please talk to a consultant today to organise your free ISO 27001 workshop, which will give you an opportunity to learn more about the standards and ask a qualified expert any questions.
Are you up to date with ISO 27001:2013?
Gain in-depth knowledge and understanding of what is expected to comply with ISO 27001:2013.
- Understand how the standard will apply to your environment.
- Learn about the key components of the standard.
- Identify 9 key steps to help with your transition.
Does your company comply with ISO 27001?