[et_pb_section fb_built=”1″ _builder_version=”4.9.2″ _module_preset=”default” background_image=”https:\/\/sertalink.com\/wp-content\/uploads\/2023\/03\/purp2-1-1.png” background_position=”top_left” custom_padding=”13em||||false|false” hover_enabled=”0″ da_disable_devices=”off|off|off” custom_padding_last_edited=”on|phone” custom_padding_phone=”5em||||false|false” sticky_enabled=”0″ da_is_popup=”off” da_exit_intent=”off” da_has_close=”on” da_alt_close=”off” da_dark_close=”off” da_not_modal=”on” da_is_singular=”off” da_with_loader=”off” da_has_shadow=”on”][et_pb_row _builder_version=”4.9.2″ _module_preset=”default” animation_style=”zoom” animation_intensity_zoom=”10%” animation_starting_opacity=”100%” hover_enabled=”0″ width_last_edited=”on|phone” width_phone=”85%” sticky_enabled=”0″][et_pb_column type=”4_4″ _builder_version=”4.9.2″ _module_preset=”default”][et_pb_text _builder_version=”4.9.2″ _module_preset=”default” header_font=”Fjalla|700|||||||” header_text_color=”#FFFFFF” header_font_size=”50px” custom_margin=”||0px||false|false” custom_padding=”||||false|false” hover_enabled=”0″ header_font_size_last_edited=”on|phone” header_font_size_phone=”35px” header_line_height_last_edited=”on|phone” header_line_height_phone=”1.5em” sticky_enabled=”0″]<\/p>\n
[\/et_pb_text][et_pb_text _builder_version=”4.9.2″ _module_preset=”default” text_font=”Montserrat Regular||||||||” text_text_color=”#bfbfbf” text_font_size=”16px” header_font=”Fjalla|700|||||||” header_text_color=”#FFFFFF” custom_margin=”||||false|false” custom_padding=”||||false|false”]Homepage<\/a> \/ Data Governance & Compliance<\/a> \/ ISO 27001 and Information Security[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section][et_pb_section fb_built=”1″ _builder_version=”4.9.2″ _module_preset=”default” hover_enabled=”0″ da_disable_devices=”off|off|off” custom_padding_last_edited=”on|phone” custom_padding_phone=”10px||||false|false” sticky_enabled=”0″ da_is_popup=”off” da_exit_intent=”off” da_has_close=”on” da_alt_close=”off” da_dark_close=”off” da_not_modal=”on” da_is_singular=”off” da_with_loader=”off” da_has_shadow=”on”][et_pb_row _builder_version=”4.9.2″ _module_preset=”default” hover_enabled=”0″ width_last_edited=”on|phone” width_phone=”85%” sticky_enabled=”0″][et_pb_column type=”4_4″ _builder_version=”4.9.2″ _module_preset=”default”][et_pb_text admin_label=”Text” _builder_version=”4.9.2″ text_font=”Montserrat Regular||||||||” text_line_height=”1.5em” header_2_font=”Fjalla||||||||” header_2_text_color=”#000356″ header_3_font=”Fjalla||||||||” header_3_text_color=”#000356″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” hover_enabled=”0″ use_border_color=”off” border_color=”#ffffff” border_style=”solid” text_font_size_last_edited=”on|phone” text_font_size_phone=”15px” header_2_font_size_last_edited=”on|phone” header_2_font_size_phone=”20px” header_2_line_height_last_edited=”on|phone” header_2_line_height_phone=”1.5em” sticky_enabled=”0″]<\/p>\n ISO\/IEC 27001:2013 (ISO 27001) is the international standard that describes best practice for an information security management system (ISMS). Accredited certification to ISO 27001 demonstrates that an organisation is following international information security best practices.<\/p>\n This page explains what ISO 27001 is and links to the products that will help your organisation when approaching an ISO 27001 implementation project, including our packaged solutions >><\/p>\n An information security management system (ISMS) is \u201ca systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organisation\u2019s information security to achieve business objectives\u201d (ISO\/IEC 27000:2014).<\/p>\n It encompasses people, processes and technology, recognising that information security is not just about antivirus software, implementing the latest firewall or locking down your laptops or web servers. Technology alone is simply too weak to defend against the evolving nature of information security threats.<\/p>\n The overall approach to information security should be strategic as well as operational, and different security initiatives should be prioritised, integrated and cross-referenced to ensure overall effectiveness.<\/p>\n An ISO 27001-aligned ISMS helps you coordinate all your security efforts (both electronic and physical) coherently, consistently and cost-effectively<\/p>\n ISO 27001, alongside its companion code of practice, ISO27002, sets out the technical specifications of an information security management system (ISMS). The newest version of the Standard is ISO\/IEC 27001:2013, which supersedes ISO\/IEC 27001:2005.<\/p>\n An ISMS is specific to the organisation that implements it so no two ISO 27001 projects are the same. Find out more about the different steps of an ISO 27001-aligned ISMS implementation project.<\/p>\n We have published several authoritative green papers on ISO 27001. Click on the link belows and download them for free today:<\/p>\n Information Security & ISO 27001: An introduction The Cyber Essentials scheme is a key deliverable of the UK Government\u2019s National Cyber Security Strategy\/Cyber Programme, and was released on 7 April 2014. It aims to provide reassurances about cyber risk management to UK-based organisations, clients and partners, and to ensure that risk management practices have been independently tested and verified, where relevant.<\/p>\n The scheme provides a set of controls, based on ISO 27001, that organisations can implement to achieve a basic level of cyber security. Organisations can attain certification to two levels: Cyber Essentials and Cyber Essentials Plus. Certified compliance with the scheme will be required in certain government procurement contracts.<\/p>\n ISO 27001 can help organisations create a framework for compliance with many regulatory standards, including:<\/p>\n The Telecommunications Regulations Act 1998 [\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":" ISO 27001 and Information Security Homepage \/ Data Governance & Compliance \/ ISO 27001 and Information Security ISO\/IEC 27001:2013 (ISO 27001) is the international standard that describes best practice for an information security management system (ISMS). Accredited certification to ISO 27001 demonstrates that an organisation is following international information security best practices. This page explains […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"class_list":["post-15291","page","type-page","status-publish","hentry"],"yoast_head":"\nWhat is an information security management system (ISMS)?<\/h2>\n
ISO 27001:2013<\/h2>\n
Implementing ISO 27001<\/h2>\n
Download a free ISO 27001 green paper<\/h2>\n
\nISMS Measurement: Keep It Short And Simple
\nImplementing an ISMS \u2013 A really Quick Introduction
\nReduce your cyber risk with ISO 27001<\/p>\nISO 27001 and the UK Government\u2019s Cyber Essentials scheme<\/h2>\n
ISO 27001 \u2013 a framework for compliance<\/h2>\n
\nThe Data Protection Act 1998
\nThe Computer Misuse Act 1990
\nThe Human Rights Act 1998
\nThe Regulation of Investigatory Powers Act 2000
\nThe Copyright, Designs and Patent Act 1998
\nThe Freedom of Information Act 2000 (public sector).<\/p>\n