Safeguarding your information with ISO/IEC 27001



Protection checklist

For organizations operating in today’s turbulent social and economic climate, secure information management is vital. Confidential business information and sensitive data require:
 
  • Safe storage
  • Secure back-up
  • Physical protection
  • Restricted access
  • Effective management systems.

What does ISO/IEC 27001 do?

ISO/IEC 27001 is designed to help organizations ensure a high level of protection and security for their valuable information assets.

The broad content of ISO/IEC 27001 is similar to the old Irish Standard, I.S. 17799-2. It utilizes the PDCA cycle – ‘Plan-Do-Check-Act’. It implements principles established by the Organization for Economic Cooperation and Development (OECD) governing security of information and network systems.

ISO/IEC 27001 is harmonized with other management standards, such as ISO 9001 and ISO 14001.

For more information, go to ISO/IEC 27001 Online.  

What information systems are covered?


Information in a diverse range of forms is covered, including:
 
  • Electronic data
  • Electronic software
  • Printed documents
  • Handwritten notes
  • Photographs and graphics
  • Video and audio recordings
  • Telephone conversations
  • Text messages
  • Emails
  • Faxes.

ISO/IEC 27001 encompasses all these forms of communicating and storing information.

The benefits of ISO/IEC 27001

In addition to providing the reassurance that flows from putting in place high-quality security management systems, ISO/IEC 27001 also enhances the credibility and reputation of certified organizations.

Compliance with ISO/IEC 27001 sends the message that your organization is professional, reliable and dependable. Some businesses insist on dealing only with organizations which can confirm, via certification, that their information security systems are robust. ISO/IEC 27001 is now the most authoritative information security management standard internationally.  

For all shapes and sizes

For some businesses, such as banks and telecommunications companies, ISO/IEC 27001 is indispensable. However, almost all businesses need secure information systems, no matter what their sector or size.  

Electronic signatures

In today's global, hi-tech economy, millions of electronic transactions take place every hour of the day.

To conduct e-commerce, it is necessary to have a fail-safe method of authenticating the identity of the originator of electronic documents. E-commerce has adopted a system of electronic signatures, modelled on the traditional handwritten signature. These are based on qualified certificates, issued by a certification authority (CA) using recognized procedures.

ETSI TS 101456 specifies the essential operational and managerial requirements for CAs issuing qualified certificates.

NSAI can offer certification to clients who in turn wish to provide qualified certificates. Our certification service can provide visible assurance that certifying authorities are compliant with ETSI TS 101456.




Find out more

For information on certification to ISO/IEC 27001 please contact us
NSAI,
1 Swift Square,
Northwood,
Santry,
Dublin 9, Ireland

T: +353 1 807 3800
F: +353 1 807 3844
E: certification@nsai.ie 


RH Rev. 1.0

 
