
  

ISO 27001:2005 Information Security Management System (ISMS)


What is ISO 27001?

The basic objective of this international standard is to help establish and maintain an effective information management system, using a continual improvement approach. The standard implements the OECD (Organization for Economic Cooperation and Development) principles governing the security of information and network systems.

ISO 27001 is an International Standard, titled "Information Security Management - Specification With Guidance for Use", and provides the foundation for third party audit and certification.  The standard is designed to be 'harmonized' with other management system standards, such as ISO 9001 and ISO 14001.

ISO 27001 Certification

Contrary to common belief, certification is gained against ISO 27001, rather than ISO 27002 (also known as 17799).  The certification itself is international, in that National Accreditation Bodies have a mutual recognition model in place enabling certifications granted in one territory to be recognized in another.  Clearly, this is essential for any international standard.

Common reasons to seek management system certification include:

  • organisational assurance;
  • trading partner assurance;
  • competitive advantage (market leverage);
  • reduction or elimination of trade barriers;
  • reduced regulation costs.

To meet the certification requirements, an organization's Information Security Management System (ISMS) must be audited by a 'Certification Body' such as BQAI.

A Certification Body must have been accredited by the National Accreditation Body for the territory in question (e.g. INAB in Ireland). This helps ensure that Certification Bodies meet national and international standards for their services, and ensures consistency. With respect to ISO 27001, this is typically a document called EA-7/03 (‘Guidelines for Accreditation of Bodies Operating Certification / Registration of Information Security Management Systems’).

Becoming Certified to ISO 27001

As this standard was developed to be harmonized with other key management system standards, you may be familiar with the approach to gaining standards certification (see www.bqai.ie and navigate to “route to certification”), and you may have many basic requirements already in place. If you have some knowledge, or this is your first venture into certification, let BQAI simplify the process for you by getting in touch.

info@bqai.ie   

+353 91 796017

 

 

 

For further information, visit the ISO web site.

 

 

 

 








Copyright © 2010 BQA International Ltd      Last modified: 12 March 2010