
ISO 27001 Information Security Management
Standard FAQs


What is the ‘ISO 27001’?
Who is ISO 27001 relevant to?
What are the benefits of ‘ISO 27001’?
ISO 27001 within 30 days?

What is the ‘ISO 27001’?

The ISO 27001:2005 Information Security Management Systems (ISMS) Standard is primarily concerned with ‘Information Security Management’ issues. It is a generic standard, and as such can be applied to any size or type of organisation, whatever its product or service, in any sector of activity, and whether it is a business enterprise, a public agency or government department.

The ISO 27001 Standard includes the following main sections:

Information Security Management System (ISMS) Requirements
Management Responsibility
Internal ISMS Audits
Management ISMS Review
ISMS Improvement

If you would like to know more about ISO standards, please download our on-line brochures.


Who is ISO 27001 relevant to?

Information is vital for every organisation, however large or small. Depending on the circumstances, the loss of information could be insignificant or catastrophic for an organisation. Only by accurately valuing the information, the potential loss of that information and the value of access to it can a true balance be struck. An ISMS framework provides definable controls and processes that mitigate any threat while ensuring that appropriate, controlled access is available to those who need it.

Information is vital to large organisations such as banks, which typically hold detailed information on millions of customers, individuals and businesses. Conflicting requirements from users mean that this information must be kept secure from theft and yet accessible for day-to-day use. Smaller organisations have different information needs and requirements, but the bottom line is that even a single customer record is of value. An ISMS is therefore just as relevant to all types and sizes of organisation, because information is a valuable asset, and even more so in the highly technological world in which we live.


What are the benefits of ‘ISO 27001’?

Although ISO 27001 certification is not a legal requirement, most companies opt to achieve certification for key business reasons including:

Improvements in organisational efficiency and effectiveness
Enhanced customer confidence
Reducing the likelihood of information misuse and fraud
Competitive advantage over rivals
Requirement within ‘invitations to tender’ and ‘supply chains’
Meeting legal requirements


ISO 27001 within 30 days?

With IMS Certification Limited, your organisation is guaranteed ‘certification within 30 days’ and benefits from a risk-free ‘No Certificate – No Fee’ promise.

Organisations successfully achieving certification against ISO Standards are entered onto the prestigious ‘International ISO Register,’ which is freely available to the public and certification bodies to search and confirm company certification registrations.

Your Next Step

If you would like to discuss your specific certification requirements further, please use the on-line Enquiry Form.
