Most organizations recognize the value of having security practices and procedures. However, when it comes to knowing what and how much is appropriate for your organization, it can be hard to know whether you have it covered or not.
Enter ISO 27001, the Information Security Management System standard.
While not every organization needs to be compliant, the ISO 27001 standard is one of the most comprehensive information security management systems available. As it is not tied to any specific industry (as HIPAA is tied to health) or purpose (as PCI is tied to processing credit cards), ISO 27001 can be adapted to any organization’s needs.
ISO 27001 covers ten domains of information security, including:
- Security Policy
- Organization of Information Security
- Asset Management
- Human Resources Security
- Physical and Environmental Security
- Communication and Operational Management
- Access Control
- Systems Development and Maintenance
- Information Security and Incident Management
- Business Continuity Planning
- Regulatory Compliance
Are your information security management systems complete? Are they repeatable? Documented? Enforced? Optimized? Contact us today to learn more and find out how you can become ISO-compliant.