Security controls custom-made by the organization's management are how you get around organization-specific issues. It takes input from management and other organizational decision-makers to give an accurate picture of the security risks, threats and vulnerabilities present. Please note that ISO 27001 is a standards framework that does not work independently. Implementing ISO 27001 in your organization is not mandatory; however, the good it can bring to your information security management may just make you a believer. It was developed to guide organizations, both large and small, to better protect their information in a manner that is risk-based, systematic and cost-effective. Any way you say it, ISO 27001 is a set of standards for information security management, called the ISO/IEC 27000 series, that provides best practices for information security management systems (ISMS). This framework was created by a partnership between the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), so you may see it under the alternative name ISO/IEC 27001.