An ISMS is a framework of policies and procedures that includes all legal, physical
and technical controls involved in an organisation's information risk management
processes.
ISO 27001 certification shows that the business has defined and implemented
effective information security processes.
Created by Imran Ahmed (ImranahmedIT) www.imran-ahmed.co.uk
Benefits of ISO27001 – Table (1)
| # | Information Security Issue | How ISO 27001 helps | Benefits |
|---|---|---|---|
| 1 | With increasing fines for personal data breaches, organizations need to ensure compliance with legislative requirements, such as the UK Data Protection Act | It provides a framework for the management of information security risks, which ensures you take into account your legal and regulatory requirements | • Supports compliance with relevant laws and regulations • Reduces likelihood of facing prosecution and fines • Can help you gain status as a preferred supplier |
| 2 | Potential information breach, damaging your reputation | It requires you to identify risks to your information and put in place security measures to manage or reduce them | • Protects your reputation • Provides reassurance to clients that their information is secure • Cost savings through reduction in incidents |
Other standards that have also been developed in the 27000 family are:
• 27006 - a guide to the certification or registration process for accredited ISMS certification
or registration bodies. (Published in 2007)
If you would like to contact me, feel free to head over to my website: www.imran-ahmed.co.uk