Tuesday, 27 March 2012

What is ISO 27001?

ISO 27001 explains how to manage information security in an organisation. This standard is the foundation of information security management.

ISO 27001 aims to provide an approach to implementing information security in an organisation. An organisation can get certified, which means that an independent certification body has confirmed that information security has been implemented in the most effective manner in the organisation.

ISO 27001 has become a basis for drawing up various regulations in fields such as personal data protection, protection of confidential information, protection of information systems, and management of operational risks in financial institutions.