20th May 2013
Hardly a week goes by without a news article saying that some data has been stolen, lost or accidentally revealed. The Standard is due to change later this year, but businesses considering incorporating it should not wait for the new version; they should start on the process now.
Information is the lifeblood of all organisations and can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by mail or by electronic means, shown in films, or spoken in conversation. The loss or exposure of this information can be really damaging. So do not delay!
The three main principles of any information security management system are:
Confidentiality – making sure that private data stays private;
Integrity – making sure that data is protected from loss or alteration;
Availability – making sure that data is available when required.
Develop an information security policy and identify your organisation’s key information assets. Purchase the standard, ISO/IEC 27001, and the Code of Practice, ISO/IEC 27002, to help you do this.
ISO27001 is an international standard setting out the requirements for an Information Security Management System. Using 27002, it helps identify, manage and minimise the range of threats to information.
There will be a transitional period when the revised standard is issued, and businesses can choose to be assessed against the existing or new standards. Once the transition period is completed (usually 12 months) then all businesses will have to comply with the new standard.
© 2020 Quality Matters Ltd. All rights reserved.