ISO 27001 is an information risk management standard and part of the ISO/IEC 27000 family of standards. It is designed to provide guidance in the selection of adequate and proportionate controls to protect information.
The controls include identifying information security risks, proactively managing compliance with laws and regulations, and providing a framework for the implementation and management of controls. They also set out the objectives of information security management and define the information security policies, processes and standards to be adopted by a business.
Organisations that meet the requirements may be certified by an accredited Certification Body (CB) following successful completion of an audit.
ISO 27001 is becoming more relevant in the current climate as organisations look for ways to manage their information risks. Implementation is intended to provide businesses with an appropriate level of information security protection. Certification provides third parties and customers with confidence that information they share will be protected.
As an international standard, it is accepted worldwide (subject to certification by an accredited CB) as evidence of an organisation’s commitment to information security.
The standard sets out a series of controls that need to be in place to meet the certification requirements. Implementing these controls ensures adoption of best practice and saves time with a ready-made approach.
Ascentor can steer you through what is needed to become ISO 27001 compliant. We start with our tried and tested Gap Analysis, a four-step process that will arm you with the knowledge to make business decisions regarding improvements and related resources.
On completion of an Ascentor Gap Analysis, you will understand where you are today, what needs to be done and an outline plan of how to achieve it. We can then support identified remediation activities and provide ongoing support to maintain your status and continually improve your cyber security posture in accordance with your business objectives.
Your cyber security challenges and our pragmatic approach – we could be the perfect fit. Contact Dave James, MD at Ascentor, for an informal chat.