ISO 27001 is the only audit-able international standard which defines the requirements for an Information Security Management System (ISMS). The standard is designed to ensure the selection of adequate and proportionate security controls. This helps you to protect your information assets and give confidence to any interested parties, especially your customers.
Learning Outcomes
- Information security management system
- Management responsibility
- Internal ISMS audits
- Management review of the ISMS
- ISMS improvement
- Control objectives and controls
- OECD principles and this international standard
- Correspondence between ISO 9001:2008, ISO 14001:2004
Benefits
- Demonstrates the independent assurance of your internal controls and meets corporate governance and business continuity requirements
- Independently demonstrates that applicable laws and regulations are observed
- Provides a competitive edge by meeting contractual requirements and demonstrating to your customers that the security of their information is paramount
- Independently verifies that your organisational risks are properly identified, assessed and managed, while formalising information security processes, procedures and documentation
- Proves your senior management's commitment to the security of its information
- The regular assessment process helps you to continually monitor your performance and improve
Sysco Blog
