ISO 27001 Product Sheet
Post on 05-Jul-2018
8/16/2019 ISO 27001 Product Sheet
ISO/IEC 27001:2005 Information Security Management
INFORMATION SECURITY MANAGEMENT
BSI provides assessment, certification and training services for ISO/IEC 27001
Overview
Information is critical to the operation
and, in extreme cases, to the survival of
your organization. Using an Information
Security Management System (ISMS) and
certifying it against the best practice
standard, ISO/IEC 27001, will help you to
manage and protect your information
assets.
ISO/IEC 27001 is based on, and replaces, the internationally recognized British
Standard, BS 7799 and it aligns with other
international standards, including the
OECD guidelines for implementing
information security and the Code of
Practice standard, ISO/IEC 17799.
ISO/IEC 27001 defines the requirements
for an ISMS. The standard is designed to
ensure that you select adequate and
proportionate security controls which help
you to protect information assets and to
give confidence to interested parties
including your customers.
ISO/IEC 27001 is not an IT only
standard; information is an
organizational asset. The standard has no technology requirements;
although there are IT related controls
as the majority of information is held
on your IT systems.
Who is it for?
ISO/IEC 27001 is suitable for any
organization, large or small, in any sector
or part of the world. The standard is
particularly suitable where the protection
of information is important to your
organization.
ISO/IEC 27001 is also highly effective if
you manage information on behalf of
others. For example, if you are an IT outsourcing organization, the standard
can be used to assure your customers that
their information is being properly
controlled and protected.
raising standards worldwide™
BENEFITS
A common framework
Provides a common framework enabling you to develop,
implement, and effectively measure information security
management practices.
A risk based approach
Provides a risk-based approach to help plan and implement an
ISMS resulting in an appropriate and affordable level of
organizational security.
Structured and proactive
Provides a structured and proactive approach to establishing an
ISMS.
Asset protection
Ensures the right people, processes, procedures and technologies
are in place to protect information assets.
Independent assurance of controls
Demonstrates independent assurance of your internal controls
therefore meeting corporate governance and business continuity
requirements.
Information protection
Protects information in terms of confidentiality, integrity and
availability.
Independent demonstration
Independently demonstrates that applicable laws and regulations
are observed.
A competitive edge
Provides a competitive edge by meeting contractual requirements
and demonstrating to your customers that the security of their
information is paramount.
Independent verification
Independently verifies that your risks are properly identified,
assessed and managed, while formalizing information security
processes, procedures and documentation.
Facilitates continuous improvement
The regular assessment process helps you continually monitor
and improve your ISMS.
Assessment and Certification
BSI is independently accredited to certify
your organization to ISO/IEC 27001. Our auditing capabilities are globally
recognized for providing a value added
service. Our auditors are highly qualified,
full-time professionals with information
security expertise.
A BSI assessment provides independent
verification of your ISMS while enabling
you to benchmark your system against a
proven standard.
Training
We provide comprehensive
ISO/IEC 27001 training from a one-day introductory course to implementation
and lead auditor courses. We offer
onsite training, e-learning, and public
training at a range of locations. For the
latest information visit:
www.bsiamericas.com/infosectraining
Standards and Publications
We offer a wide range of guidance
documents and support publications, as well as the standard itself, to help you
through certification and beyond.
These items can be found online at:
www.bsiamericas.com/infosecurity
ISO/IEC 27001 is the only
internationally accepted
auditable standard for
information security
management.
For further information on BSI’s
ISO/IEC 27001 services, visit
www.bsiamericas.com/infosecurity
BSI Management Systems
12110 Sunset Hills Road, Suite 200
Reston, VA 20190-5902
USA
Tel: 1 800 862 4977
Fax: 1 703 437 9001
Email: inquiry.msamericas@bsi-global.com
www.bsiamericas.com

BSI Management Systems Canada
6205 Airport Road, Suite 102
Mississauga, ON L4V 1E1
Canada
Tel: 1 800 862 6752
Fax: 416 620 9911
Email: inquiry.canada@bsi-global.com
The BSI certification mark can be used on your stationery, literature
and vehicles when you have successfully achieved certification.
BSI Group: Standards • Information • Training • Inspection • Testing • Assessment • Certification
BSI SERVICES SUMMARY
• Information and guidance
• Standards and publications
• Customer events
• Training – public, onsite and e-learning
• Management systems – gap analysis, second party audits, assessment, certification, continual assessment
• Business improvement tools
How can we help?