Information Security Management System
ISO/IEC 27001 is an international standard for information security management system established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) and the most authoritative international certification standard in the field of information security. This covers 133 items in 11 areas related to information security, including information protection policy, physical security, and information access control.
ISO/IEC 27001:2013 Standard
ISO/IEC 27001 is composed of 10 items including organizational environment, leadership, planning, support, operation, performance evaluation, and improvement, and 14 control items (refer to ISO/IEC 27002 for control items). The requirements of this standard have been formulated to be general for applicable to any organization, regardless of its type, size or characteristics.
3. Terms and definitions
4. Context of the organization
9. Performance evaluation
The importance of ISO/IEC 27001
Through ISO/IEC 27001 certification, organizations can benefit like below:
Realization of customer satisfaction through protection of customer information
2. Business continuity
Secure business stability through risk management, legal compliance and vigilance on future security issues and concerns
3. Compliance with laws
Understand how legal/regulatory requirements affect you and your customers, and how to reduce the risk of legal sanctions
4. Risk management
Ensure that customer records, accounting information and intellectual property rights are protected from loss, theft and damage through a systematic framework
5. Proof of business reliability
Reliability is secured through independent verification of recognized global industry standards
6. Business expansion
Customers often require a certificate as a condition of delivery, so certification can help you expand your business.
IGC has been accredited for ISO/IEC 27001 by IAS, an Accreditation Body in the United States, and provides certification services for quality management systems.
IGC has a lot of knowledge and rich experience in certification activities for quality management systems in various industries, including information security.
IGC has up-to-date knowledge of a wide range of specific scopes and legal requirements in major markets around the world, and provides the knowledge and services to support your entire global operation.
Related Services from IGC
03Health and Safety