|
Services • Information Security Management System
|
|  Information Security Management System (ISMS)
ISO 27000:2005 (BS 7799)
An Information Security Management System (ISMS) provides a systematic approach to managing sensitive information in order to protect it. It encompasses employees, processes and information systems.
The world renowned British Standard for Information Security Management Systems, BS 7799-2:2002, has been updated and was released on the 15 October 2005 as an international standard, ISO/IEC 27001:2005.
ISO 27001 defines comprehensive requirements for an ISMS that deals with all the technical and Human aspects in information security in all its operational processes. Companies can be independently audited to ISO 27001and achieve registration to show their customers, partners and regulatory bodies that their processes are secure in handling information.ISO 27001 refers to ISO 17799 for implementation guidance and includes an abstract of ISO 17799 as an appendix showing auditors the kinds of control to expect.
The goal of ISO 27001 is to provide a common base for developing organizational security standards and effective security management practice and to provide confidence in inter-organizational dealings.
|
| | |
|
|
|
Information Security Management System
