|Regulatory Compliance Overview|
|USA PATRIOT Act|
Ask the Experts
Submit a no-obligation question about ISO 27001 certification.
As with all management processes, an Information Security Management System (ISMS) must remain effective and efficient in the long term, adapting to changes in the internal organization and external environment. InfoSight will provide guidance on designing, implementing and operating your information security management system.
ISO 27001 certification requires that management:
Let InfoSight help you:
ISO 27001 Certification?
ISO 27001 certification is an international standard for the management and protection of information assets. Published in Oct 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), it defines requirements for an Information Security Management System (ISMS). Although ISO 27001 takes a very broad approach to information security, its objective is to bring information security under explicit management control and provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System (ISMS). It also enables enterprises to evaluate risk and develop adequate treatment measures based on both the organization's security needs and the security measures already in place. Organizations that claim to have adopted ISO 27001 can be formally audited and certified according to the standard.
Do you have something to add to this definition? Let us know.Email your comments and contributions.