ISO 27001

 


PRINCIPLES OF ISO 27001 STANDARD

ISO 27001 defines how to manage information security through an information security management system (ISMS). The standard is based on the Plan-Do-Check-Act methodology, which should be applied continuously in order to minimise risks to the confidentiality, integrity and availability of information. The phases are as follows:

  • Plan: Plan the basic organisation of information security, set objectives for information security and choose the appropriate security controls.
  • Do: Implement the planned processes.
  • Check: Monitor the functioning of the ISMS and measure whether the results meet the set objectives.
  • Act: Take action to continually improve effectiveness by addressing the things that were identified as non-compliant in the previous phase.

 

The benefits of ISO 27001 Certification

  • Ensure compliance with legal and regulatory requirements
  • Independently verify that your organisational risks are properly identified, assessed and managed, while formalising information security processes, procedures and documentation
  • Continually monitor your organisation’s performance
  • Demonstrate to your company’s stakeholders your commitment to implementing a high level of security and adhering to information security