
ISO/IEC 27001

Information Security Management System

ISO/IEC 27001 is an international standard for information security management systems, established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), and is the most authoritative international certification standard in the field of information security. It covers 133 items in 11 areas related to information security, including information protection policy, physical security, and information access control.





  • ISO/IEC 27001:2013 Standard
    ISO/IEC 27001 is composed of 10 items, including organizational environment, leadership, planning, support, operation, performance evaluation, and improvement, and 14 control items (refer to ISO/IEC 27002 for control items). The requirements of this standard have been formulated to be general and applicable to any organization, regardless of its type, size or characteristics.

    1. Scope

    2. Normative reference

    3. Terms and definitions

    4. Context of the organization

    5. Leadership

    6. Planning

    7. Support

    8. Operation

    9. Performance evaluation

    10. Improvement

  • The importance of ISO/IEC 27001
    Through ISO/IEC 27001 certification, organizations can gain the following benefits:

    1. Customer satisfaction
    Realization of customer satisfaction through protection of customer information

    2. Business continuity
    Secure business stability through risk management, legal compliance and vigilance on future security issues and concerns

    3. Compliance with laws
    Understand how legal/regulatory requirements affect you and your customers, and how to reduce the risk of legal sanctions

    4. Risk management
    Ensure that customer records, accounting information and intellectual property rights are protected from loss, theft and damage through a systematic framework

    5. Proof of business reliability
    Reliability is secured through independent verification of recognized global industry standards

    6. Business expansion
    Customers often require a certificate as a condition of delivery, so certification can help you expand your business.


  • IGC’s Competency
    IGC has been accredited for ISO/IEC 27001 by IAS, an accreditation body in the United States, and provides certification services for quality management systems.

    IGC has extensive knowledge and experience in certification activities for quality management systems in various industries, including information security.

    IGC has up-to-date knowledge of a wide range of specific scopes and legal requirements in major markets around the world, and provides the knowledge and services to support your entire global operation.






Related Services from IGC

  • 01Quality

  • 02Environment

  • 03Health and Safety

  • 04Medical Devices

  • 05Food

  • 06Energy

  • 07Information Security

  • 08Anti-Bribery

  • 09Education

  • 10Business Continuity

  • 11Cosmetics

  • 12Customer Satisfaction

  • 13Social Accountability

ISO/IEC 27701

Privacy Information Management

  • As data collection and processing increase, there is growing demand for guidance on how data should be managed and processed to reduce privacy threats.

    This became the background for the establishment of the international standard ISO/IEC 27701.

    ISO/IEC 27701 is an extension of ISO/IEC 27001 and ISO/IEC 27002, and provides requirements and guidelines for establishing, implementing, maintaining and continually improving PIMS (Privacy Information Management System) for organizational privacy management.

    It also provides guidance for PII controllers and PII processors that are responsible and accountable for the processing of Personally Identifiable Information (PII).

    ISO/IEC 27701 applies to all types of organizations, including public and private enterprises, government agencies and non-profit organizations, that are PII controllers and/or PII processors processing PII within an Information Security Management System (ISMS) based on ISO/IEC 27001.




  • ISO/IEC 27701:2019 Standard
    1. Scope

    2. Normative references

    3. Terms, definitions and abbreviations

    4. General

    5. PIMS-specific requirements related to ISO/IEC 27001

    6. PIMS-specific guidance related to ISO/IEC 27002

    7. Additional ISO/IEC 27002 guidance for PII controllers

    8. Additional ISO/IEC 27002 guidance for PII processors

  • The importance of ISO/IEC 27701
    1. Build trust in your personal information management skills

    2. Clarification of roles and responsibilities within the organization

    3. Prevention of violations by improving internal capabilities and improving processes

    4. Provide established controls and transparency for privacy management

    5. Facilitating consensus with business partners

    6. Easily integrate with the leading information security standard, ISO/IEC 27001



  • Estimated Effectiveness of ISO/IEC 27701
    1. Coordinate multiple regulatory requirements using a universal group of operational controls to enable consistent and efficient implementation.

    2. PIMS can reduce the cost of certification audits by being evaluated against multiple regulatory requirements.

    3. Since most clients are spread around the world, it is recommended to use ISO international standards to manage compliance.

    This reliance on compliance increases the importance of certification to standards.
    You can benefit from partners and suppliers, especially when dealing with large amounts of sensitive data.


  • IGC’s Competency
    IGC has been accredited for ISO/IEC 27701 by IAS, an accreditation body in the United States, and provides certification services for quality management systems.

    IGC has extensive knowledge and experience in certification activities for quality management systems in various industries, including information security.

    IGC has up-to-date knowledge of a wide range of specific scopes and legal requirements in major markets around the world, and provides the knowledge and services to support your entire global operation.



ISO/IEC 20000-1

Information technology — Service management

A Service Management System (SMS) is applied to the activities an organization performs to design, plan, provide, operate, and control IT services. ISO/IEC 20000-1 is the first international standard applicable to these activities; it was established in 2005 and has been revised twice, in 2011 and 2018.
ISO/IEC 20000-1 includes service planning, design, transformation, delivery and improvement to meet service requirements and deliver value.





  • ISO/IEC 20000-1:2018 Requirements
    ISO/IEC 20000-1 consists of 10 items, including organizational environment, leadership, planning, support, operations, performance evaluation and improvement.

    See ISO/IEC 20000-3 for guide documents and ISO/IEC 20000-5 for best practices.

    The requirements of this standard have been established to be general and applicable to all organizations providing services, regardless of the type or size of the organization.

    1. Scope

    2. Normative references

    3. Terms and definitions

    4. Context of the organization

    5. Leadership

    6. Planning

    7. Support of the service management system

    8. Operation of the service management system

    9. Performance evaluation

    10. Improvement





  • The Importance of ISO/IEC 20000-1
    Organizations can achieve the following effects through ISO/IEC 20000-1 certification.

    a) Improvement of service quality

    b) Maintain a consistent level of service quality

    c) Demonstrate ability to plan, design, transform, deliver and improve services

    d) Monitoring, measurement and review of SMS and service

    e) Service commercialization, service integration, supplier management by company, customer service value determination



  • IGC’s Competency
    IGC auditors are experts with IT experience and technical qualifications in each sector, providing a thorough and honest audit of the implementation and effectiveness of the ISO/IEC 20000-1 management system.

    In addition, we have the knowledge and capabilities to meet your business needs, so we provide an effective and thorough audit of the management system.



