What is ISO 27001?
ISO 27001 is a specification for the management of information security. It is applicable to all sectors of industry and is not confined to information held on computers. Information may be printed or written on paper, stored electronically, transmitted by post or email, shown on films, or spoken in conversation. Whatever form the information takes, and whatever the means by which it is shared or stored, the ISO 27001 standard provides a systematic approach that helps an organisation ensure it is always appropriately protected.
Information security can be characterised as:
- Confidentiality, ensuring that access to information is appropriately authorised
- Integrity, safeguarding the accuracy and completeness of information and processing methods
- Availability, ensuring that authorized users have access to information when they need it
Why apply for ISO 27001 certification?
Information is now globally accepted as being a vital asset for most organisations. Therefore the confidentiality, integrity, and availability of corporate and customer information may be essential to maintain competitive edge, cash-flow, profitability, legal compliance and commercial image.
The ISO 27001 standard is intended to help manage the risks to that information. It is easy to imagine the consequences and damage to a brand or organisation if its information were lost, destroyed, corrupted, burnt, flooded, sabotaged or misused.
Requirements of the ISO 27001 standard?
The main requirements of the standard can be categorised as follows:
- Security policy
- Organisational security
- Asset classification and control
- Personnel security
- Physical and environmental security
- Communications and operations management
- Access control
- System development and maintenance
- Business continuity management
- Compliance
What are the benefits of ISO 27001 certification?
- Demonstration of credibility and trust
- Establishes that laws and regulations are being met
- Ensures commitment to on-going information security
- Provides confidence to stakeholders, customers, trading partners and employees
- Proven business credentials
- Openings in new markets
- Customer satisfaction
What is the certification process?
The certification process is in three simple steps:
Application for certification
Complete the online form for GlobalGROUP to send a quotation.
Initial Certification Audit
The assessment process is based on a two-stage approach, as follows:
Stage 1 – a basic audit to check whether the organisation is ready for the stage 2 audit. It involves the following:
- Confirm that the quality manual conforms to the requirements of the ISO 27001
- Confirm the scope of certification including any justifiable exclusions
- Check legislative compliance
- Production of a report that identifies any non-compliance or potential for non-compliance and
- Production of an assessment plan and confirm a date for the stage 2 assessment visit.
- Agree a corrective action plan if required.
Stage 2 – the purpose of this visit is to confirm that the quality management system fully conforms to the requirements of ISO 27001 in practice. It involves the following:
- Undertake sample audits of the processes and activities defined in the scope of assessment
- Document how the system complies with the standard
- Produce an audit programme and confirm a month and year for the first surveillance visit
- Report any non-compliances or observations
For more information about ISO 13485 please contact us by phone or email at firstname.lastname@example.org. We will be pleased to assist you.