ISO 27000

ISO/IEC 27000 provides an overview of information security management systems, which form the subject of the information security management system (ISMS) family of standards, and defines related terms. As a result of implementing ISO/IEC 27000, all types of organization (e.g. commercial enterprises, government agencies and non-profit organizations) are expected to obtain:

1. an overview of the ISMS family of standards;
2. an introduction to information security management systems (ISMS);
3. a brief description of the Plan-Do-Check-Act (PDCA) process; and
4. an understanding of terms and definitions in use throughout the ISMS family of standards. The objectives of ISO/IEC 27000 are to provide terms and definitions, and an introduction to the ISMS family of standards that:

1. define requirements for an ISMS and for those certifying such systems;
2. provide direct support, detailed guidance and/or interpretation for the overall Plan-Do-Check-Act (PDCA) processes and requirements;
3. address sector-specific guidelines for ISMS; and
4. address conformity assessment for ISMS.

Benefits of ISO/IEC 27001 Information Security Management?

• Identify risks and put controls in place to manage or reduce them
• Flexibility to adapt controls to all or selected areas of your business
• Gain stakeholder and customer trust that their data is protected
• Demonstrate compliance and gain status as preferred supplier
• Meet more tender expectations by demonstrating compliance