Know your ISO 27001 legal requirements

The ISO 27001 standard entails legal requirements that ensure organisations keep information assets secure.

The Libryo platform means your organisation is certified and covered whenever changes are made to this standard.

What does the ISO 27001 standard cover?

This standard helps your business manage the security of assets like financial information, intellectual property, employee details or information entrusted to you by third parties. ISO  27001 also provides the requirements for an information security management system (ISMS).

Topics covered include:

  • Information security policies
  • Organisation of information security
  • Human resources security
  • Asset management
  • Access control
  • Cryptography
  • Physical and environmental security
  • Operational security
  • Communications security
  • System acquisition, development and maintenance
  • Supplier relationships
  • Information security incident management
  • Information security aspects of business continuity management
  • Compliance

Who does ISO 27001 apply to?

Small, medium and large businesses in any sector. Certification to ISO 27001 is possible but not obligatory.

Organisational benefits of ISO 27001 include:

  • Managing information security risks
  • Protect and improve your reputation with a globally recognised standard 
  • Ensure compliance with many laws such as the EU GDPR (General Data Protection Regulation) and the NIS Regulations (Network and Information Systems Regulations)
  • Avoid financial penalties and losses associated with data breaches
  • Gain a competitive edge and win new business

Discover why other leading companies choose to work with Libryo