ISO 27001 – What Is It About?
ISO 27001 is an international standard that deals with the implementation and continual improvement of information security controls in organizations of any size and business profile. The standard covers the handling of every kind of information artifact, for example supplier contracts, project documentation, voice recordings of meetings or customer databases.
The basic principles built into the standard include awareness of the need for information security and the assignment of responsibility for it, the active prevention and detection of information security incidents, a comprehensive approach to security management, and the continual reassessment of information security, with improvements made as appropriate.
Applying a standard to information security means using a systematic, structured method based on proven best practices. The standard has two major parts:
ISO 27001 is an ideal tool for managers who do not want to take the risk of mismanaging information, wish to optimize information security spending and want to prove to their customers that their organization is worthy of their trust.

09/03/2020