ISO 27001 - Information Security
DAS Certification (AS/NZ)
Security, IT Solutions, Software Security
ISO 27001 provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS).
The design and implementation of an organisation’s ISMS is influenced by its needs and objectives, security requirements, the processes employed and the size and structure of the organisation. These and their supporting systems are expected to change over time. An ISMS implementation is expected to be scaled in accordance with the needs of the organisation; for example, a simple situation requires a simple ISMS solution.
ISO 27001 covers all types of organisations (e.g. commercial enterprises, government agencies, non-profit organisations) and specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of an organisation’s overall business risks. It specifies requirements for the implementation of security controls customised to the needs of individual organisations or parts thereof.
The ISMS is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.
Demonstrating that a company has an ISMS culture, by ensuring that its staff are working within the correct information security environment and that the organisation is complying with information security legislation, is an important management challenge.