What does ISO 27001 cover?
This standard helps your business manage the security of assets like financial information, intellectual property, employee details or information entrusted to you by third parties. ISO 27001 also provides the requirements for an information security management system (ISMS).
Topics covered include:
- Information security policies
- Organisation of information security
- Human resources security
- Asset management
- Access control
- Physical and environmental security
- Operational security
- Communications security
- System acquisition, development and maintenance
- Supplier relationships
- Information security incident management
- Information security aspects of business continuity management
Who does ISO 27001 apply to?
Small, medium and large businesses in any sector. Certification to ISO 27001 is possible but not obligatory.
Benefits of ISO 27001 include:
- Manage information security risks
- Protect and improve your reputation with a globally recognised standard
- Ensure compliance with many laws such as the EU GDPR (General Data Protection Regulation) and the NIS Regulations (Network and Information Systems Regulations)
- Avoid financial penalties and losses associated with data breaches
- Gain a competitive edge and win new business