Information Security and ISO 27001
URM provides a range of consultancy and training services assisting organisations to develop their information security capabilities and to comply or certify with ISO 27001.
Importance of Information Security
Information security can be defined as protecting the confidentiality, integrity and availability of information (electronic, print or other form) and information systems. The increasing use of information technology and the Internet has provided organisations with numerous business benefits but has also introduced a whole spectrum of new threats. The challenge for information security professionals is achieving the optimum balance between organisational productivity and information security.
What is ISO 27001?
ISO/IEC 27001 is an information security management system (ISMS) Standard which was published in October 2005 by the International Organisation for Standardization (ISO) and the International Electrotechnical Commission (IEC). Along with ISO 27002 (code of practice) ISO 27001 provides organisations worldwide with a framework for managing their information security. Organisations which implement an ISMS in accordance with the best practice advice in ISO 27002 are likely simultaneously to meet the requirements of ISO 27001 but certification or registration is entirely optional. Registration entails an external assessment of its ISMS by an accredited certification body and provides organisations with the best means of demonstrating its information security commitment and capabilities to internal and external stakeholders.
Buy the Standard
Buy the ISO 27001:2005 Standard
