Information

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut rhoncus risus mauris, et commodo lectus hendrerit ac. Nam consectetur velit et erat fermentum aliquet. In laoreet, sem sit amet faucibus pulvinar, purus tellus tincidunt ex, vel blandit nibh dui sit amet justo.

Categories

Recent Posts

Energy Management Standard (ISO 50001)
Advance Global Consultancy (AGC) (ISO 20000)

INFORMATION SECURITY MANAGEMENT SYSTEM (ISO 27001)

ISO 27001 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management.

 

ISO 27001 contains best practices of control objectives and controls in the following areas of information security management:

  • Security policy
  • Organization of information security
  • Asset management
  • Human resources security
  • Physical and environmental security
  • Communications and operations management
  • Access control
  • Information systems acquisition, development and maintenance
  • Information security incident MANAGEMENT
  • Business continuity management
  • Compliance

 

The control objectives and controls in ISO 27001 are intended to be implemented to meet the requirements identified by a risk assessment. ISO 27001 is intended as a common basis and practical guideline for developing organizational security standards and effective security management practices, and to help build confidence in inter-organizational activities.

 

Implementation plan and activities details:
ISMS Implementation Plan and Activities

Recommend
Share
Tagged in