ISO 27001 Standard

Information Security Management System (ISMS) certification standard.
Please check iso.org for updated information.

ISO 27001 is a detailed security standard and a comprehensive set of controls comprising best practices in information security. This standard was published in October 2005 as a replacement for the BS7799-2 standard. It is primarily referred to as the Information Security Management System (ISMS) certification standard. Organisations that seek to implement an ISMS are examined against ISO 27001. There are 11 major controls in ISO 27001 that comprise best practices in information security including:
ISO 27001 does not mandate specific processes and procedures, nor does it define the implementation techniques for getting certified. Thus, companies being audited for ISO 27001 compliance deal with the same issues that plague companies facing regulatory audits: how to effectively get to a state of being compliant and, after the audit, the cost of effectively maintaining that known state. This is where Abstract Technology Ltd can offer the following benefits:
ATL and ISO 27001

ATL's configuration control solution provides powerful configuration assessment and change auditing capabilities that allow organisations to proactively assess their IT configurations and see how they measure up to ISO 27001. For configuration items that don't measure up, there is remediation guidance which walks you through getting those settings to the correct values. Once this known state has been achieved, ATL's change auditing solution monitors for changes that could affect compliance with your ISO 27001 policies, and maintains a known state of your IT infrastructure. The standard itself is generic and can be applied to any system or product.

Audience

Anyone who wants to introduce information security processes into a project or organisation.

Resources: Click here to access our contact form or send us an email at [email protected].