Model ISO 27001 - Information Security Management Standard (ISMS)
ISO 27001 specifies the management of Information Security. Applicable to all sectors of industry and commerce, it is not confined just to information held on electronic systems, but addresses the security of information in whatever form it is held. ISO 27001 is one of the standards in the ISO 27000 family.
Gaining certification from a UKAS accredited certification body (such as ISOQAR) demonstrates that the security of your information has been addressed, implemented and properly controlled. But the benefits don’t stop there:
- Customers, employees, trading partners and stakeholders are comforted in the knowledge that your management information and systems are secure.
- Demonstrates credibility and trust.
- Cost savings - even a single information security breach can involve significant expense.
- Establishes that relevant laws and regulations are being adhered to.
- Shows that a commitment to Information Security exists at all levels throughout an organisation.
Information security can be characterised as the preservation of:
- Confidentiality - ensuring that access to information is appropriately authorised
- Integrity - safeguarding the accuracy and completeness of information and processing methods
- Availability - ensuring that authorised users have access to information when they need it
ISO 27001 contains a number of control objectives and controls. These include:
- Security policy
- Organisational security
- Asset classification and control
- Personnel security
- Physical and environmental security
- Communications and operations management
- Access control
- System development and maintenance
- Business continuity management
- Compliance
Why is Information Security Needed?
Information is now globally accepted as being a vital asset for most organisations and businesses. As such, the confidentiality, integrity and availability of vital corporate and customer information may be essential to maintaining competitive edge, cash flow, profitability, legal compliance and commercial image. ISO 27001 is intended to assist with this task. It is easy to imagine the consequences for an organisation if its information were lost, destroyed, corrupted, burnt, flooded, sabotaged or misused. In many cases this can lead (and has led) to the collapse of companies.
