Information Security Management System: ISO 27001

Information Security Management System

If you are concerned about the protection of assets, especially information assets, an Information Security Management System (ISMS) provides a control framework to protect them. It combines management controls (such as the ISMS framework and ISMS policy), technical controls (malware management, access controls, network perimeter, encryption), procedural controls (e.g. document management) and personnel controls (e.g. background screening), to name a few. The controls combine preventive, detective, restorative, maintenance and monitoring controls.

Information is critical to the operation and perhaps even the survival of your organization. Being certified to ISO 27001 will help you to manage and protect your valuable information assets.

Certification helps you to protect your information assets and gives confidence to any interested parties, especially your customers. The standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving your Information Security Management System.

ISO 27001

ISO 27001 is the International Standard for Information Security Management Systems (ISMS). It is based largely upon the previously adopted BS 7799, commonly used since 1995 for managing information security.

ISO 27001 provides the framework for a technology-neutral, vendor-neutral management system that enables an organisation to assure itself that its information security measures are effective. This includes the continued accessibility, confidentiality and integrity of its own information and that of its stakeholders, as well as legal compliance.

Implementation of ISO 27001 is an ideal response to legal requirements and potential security threats such as:

  • Vandalism / Terrorism
  • Fire
  • Misuse
  • Theft
  • Viral attack

ISO 27001 is structured to be easily compatible with other management systems standards such as ISO 9001 and ISO 14001. Whilst there are some clause numbering differences, common elements include documentation, review and audit requirements, enabling an organisation to develop a largely integrated management system.

Whilst modern communication media mean that most Information Security Management Systems are focused on ICT, ISO 27001 is equally applicable to other forms of information, such as paper records, images, and even conversations.

Who is it relevant to?

ISO 27001 is suitable for any organization, large or small, in any sector or part of the world. The standard is particularly suitable where the protection of information is critical, such as in the finance, health, public and IT sectors.

ISO 27001 is also highly effective for organizations which manage information on behalf of others, such as IT outsourcing companies: it can be used to assure customers that their information is being protected.

Why Choose Transpacific Certifications Limited for ISMS Certification?

  • Transpacific Certifications Limited offers certification/registration services for Information Security Management Systems as per ISO 27001, besides offering a range of other services like certification of Quality Management Systems as per ISO 9001, Environmental Management Systems as per ISO 14001, Food Safety Management Systems (including HACCP) as per ISO 22000, Occupational Health & Safety as per OHSAS 18001 etc.
  • TCL is a fast-growing certification body with highly skilled and experienced staff dedicated to providing quality services to our clients for achieving excellence in business. Our clients, numbering more than 10,000, bear testimony to this.
  • TCL has the distinction of being one of the few organizations accredited by JAS-ANZ for all scopes of QMS, EMS, OHSAS, ISMS and FSMS in India, which means we can handle work of all categories and diverse industry types.
  • TCL is also accredited by the National Accreditation Board for Certification Bodies (NABCB) for Quality Management Systems, ISO 9001.
  • TCL is one of the very few certification bodies in India permitted to use the IAF logo (International Accreditation Forum Inc., World Association for Conformity Assessment) on the certificate, as per the agreement signed with them through AB.
  • TCL has a global presence. We have offices in various countries like Bulgaria, Egypt, Korea, Turkey, UK etc.

ISO 27001 Registration Process : Our Methodology

At Transpacific Certifications Limited our methodology for ISO 27001 registration/certification consists of the following steps:

  1. Signing of Contract
  2. Pre-audit (optional) to identify gaps between your current position and the standard
  3. Stage I Audit – Documentation Review
  4. Stage II Audit – Initial Certification Audit
  5. Issuance of Certificate
  6. Surveillance Audits to ensure maintenance of system and continual improvement
  7. Re-certification through full audit after 3 years for continual assessment
