Information security is a corporate governance responsibility. It can’t be seen as an IT isolated initiative, but rather as a business strategy issue. In that perspective, organizations strive to protect sensitive, proprietary, confidential and classified information. Systems can help operational control, but without adequate guidelines, procedures and practices, information security will continue to be a risk within the organization.
The ISO 27000 family of standards helps organizations keep information assets secure. Using this family of standards will help organizations manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties. ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS).
-
Risk assessment
-
Incident management
-
Problem management
-
Operational portals
Main Benefits
Establish security requirements and objectives.
Comply with the CIA Triad (Confidentiality, Integrity and Availability).
Establish processes that control and review information security.
Audit the level of compliance with procedures, guidelines, standards and policies.
Provide suppliers and business partners with relevant information about the ISMS.
Improve the ability to recover operations and continue business as usual.
Obtain cost savings through reduction in incidents.
Know some success stories
Featured Resources
Webinar
Challenges faced in ITIL, Cobit and ISO/IEC 27002 application
The similarities and differences between the COBIT, ITIL and ISO/IEC 27002 standards, highlighting their features and applications.
Webinar
Common pitfalls of ISO/IEC 27001 implementation/certification project
The most common mistakes made by organizations who are implementing ISO 27001.
Ebook
ISO 27001: Strategies for strengthening information security in your company
Read this e-book and learn the strategies needed to comply with ISO 27001 and strengthen your company's information security.
