Information System Security Management Based on ISO/IEC 27001
Regulations and legal obligations set forth the protection of vital assets, information and the means to control societal infrastructures, in adherence to legal and regulatory obligations.
Protection of data and information is fundamental in today’s technological climate, which encompasses digital technology, financial reports, hard copies, physical structures, information technology software, hardware, firmware and other assets. The integrity of access to these could well affect the organization’s ability to perform. Depending on the organization’s role within its supply chain, whether services or products, the losses could be staggering. To this end, the Information Security Management System practices and methods of ISO/IEC 27001 provide a benchmark to help control and manage regulatory compliance and legal obligations within the country or region of operations.
The ISMS standard ISO/IEC 27001 requires that the organization identify and analyse the resulting risks and treat these risks by way of controls. To this end, Annex A of ISO/IEC 27001 provides a list of controls for the treatment of the risks identified. ISO/IEC 27002 establishes the guidelines and general principles to establish, implement, maintain, update and improve an effective Information Security Management System.