Safeguarding your information with ISO/IEC 27001



NSAI provides certification to ISO/IEC 27001, which is designed to help organizations ensure high-level security for their valuable information assets.


Protection checklist

For organizations operating in today’s turbulent social and economic climate, secure information management is vital. Confidential business information and sensitive data require:
 
  • Safe storage
  • Secure back-up
  • Physical protection
  • Restricted access
  • Effective management systems.

What does ISO/IEC 27001 do?

ISO/IEC 27001 is designed to help organizations ensure high-level protection and security for their valuable information assets.

The broad content of ISO/IEC 27001 is similar to the old Irish Standard, I.S. 17799-2. It utilizes the PDCA cycle – ‘Plan-Do-Check-Act’. It implements principles established by the Organization for Economic Cooperation and Development (OECD) governing security of information and network systems.

ISO/IEC 27001 is harmonized with other management standards, such as ISO 9001 and ISO 14001.

For more information, go to ISO/IEC 27001 Online.  

What information systems are covered?


Information in a diverse range of forms is covered, including:
 
  • Electronic data
  • Electronic software
  • Printed documents
  • Handwritten notes
  • Photographs and graphics
  • Video and audio recordings
  • Telephone conversations
  • Text messages
  • Emails
  • Faxes.

ISO/IEC 27001 encompasses all these forms of communicating and storing information.

The benefits of ISO/IEC 27001

In addition to providing the reassurance that flows from putting in place high-quality security management systems, ISO/IEC 27001 also enhances the credibility and reputation of certified organizations.

Compliance with ISO/IEC 27001 sends the message that your organization is professional, reliable and dependable. Some businesses insist on dealing only with organizations which can confirm, via certification, that their information security systems are robust. ISO/IEC 27001 is now the most authoritative information security management standard internationally.  

For all shapes and sizes

For some businesses, such as banks and telecommunications companies, ISO/IEC 27001 is indispensable. However, almost all businesses need secure information systems, no matter what their sector or size.  

Electronic signatures

In today's global, hi-tech economy, millions of electronic transactions take place every hour of the day.

To conduct e-commerce, it is necessary to have a fail-safe method of authenticating the identity of the originator of electronic documents. E-commerce has therefore adopted a system of electronic signatures, modelled on the traditional handwritten signature. These are based on qualified certificates, issued by a certification authority (CA) using recognized procedures.

ETSI TS 101456 specifies the essential operational and managerial requirements for CAs issuing qualified certificates.

NSAI can offer certification to clients who in turn wish to provide qualified certificates. Our certification service can provide visible assurance that certifying authorities are compliant with ETSI TS 101456.




Find out more

For more information about how NSAI can advise you on ISO/IEC 27001 or on providing electronic signatures, contact us or complete a request for a quotation.

NSAI,
1 Swift Square,
Northwood,
Santry,
Dublin 9, Ireland

T: +353 1 807 3800
F: +353 1 807 3844
E: certification@nsai.ie 


RH Rev. 1.0

 