ISO 27001 is closely associated with ISO 27002, which is a code of practice for Information Security Management.

ISO 27002 (formerly ISO 17799) provides a common and proven basis for developing high organisational security standards and effective security management practice.

ISO 27001 is the actual documented standard to which certification is measured. It sets out the requirements for an Information Security Management System (ISMS). An ISMS is a systematic approach to managing the security of sensitive information - encompassing people, processes, IT systems and policy.

ISO 27001 is designed to identify, manage and reduce the range of threats to which your information is regularly subjected.

What are the benefits?
ISO 27001 & ISO 27002 offer an excellent framework for any organisation wanting to develop and enhance their network security.

• Certification provides substantial benefits:
• A valuable framework for resolving security issues
• Enhancement of client confidence & perception of your organisation
• Enhancement of business partners’ confidence & perception of your organisation
• Provides confidence that you have managed risk in your own security implementation
• Enhancement of security awareness within an organisation
• Assists in the development of best practice
• Can often be a deciding factor between competing organisations

• Overview of ISO/IEC 27001 & 27002
• What our role will be in helping you
• FAQs

Back to Consultancy