 |
 |
Put ISO 27001:2005 to work for you
ISO/IEC 27001:2005 covers twelve sections:
- Security Policy
- Organisation of Information Security
- Asset Management
- Human Resources Security
- Physical and Environmental Security
- Communications and Operations
- Management
- Access Control
- Information Systems Acquisition, Development and Maintenance
- Information Security Incident Management
- Business Continuity Management
- Compliance
SGS CAN HELP AUDIT AND CERTIFY YOUR ISMS
SGS can audit and certify your Information Security Management System against the ISO 27001 standard. Certification motivates your organisation, evaluates your information systems security and demonstrates the credibility of your ISMS to external stakeholders.
The first step is to carry out an information security analysis to assess how your ISMS has been implemented and identify the differences between your current position and the certificate requirements.
Once these differences have been rectified, you will participate in an initial audit. If the audit does not demonstrate that major corrective action is required, the certificate can be issued. Alternatively, key problems are identified and corrective measures are defined. Annual compliance audits follow, and, provided that your systems are maintained, the certificate is renewed every three years.
For more information:
Request for correspondence About ISO 270012005 Certification Compare ISO 27001 vs. BS 7799 View our Certified Clients Register for "The PROOF" newsletter
