IEC/ ISO 27001 Information Security Management System is the only auditable international standard that defines the requirements for an Information Security Management System (ISMS).

The standard is designed to ensure the selection of adequate and proportionate ISO27001security controls to reduce security risks within an organisation.

This helps to protect the confidentiality, integrity and availability of your information assets and give confidence to any interested parties, especially your customers that their information is safe and secure. The standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving your ISMS based on the ‘Plan-Do-Check-Act’ (PDCA) model adopted by other management system standards.

Who is it relevant to?

ISO/IEC 27001 is suitable for any organisation, large or small, in any sector or part of the world. The standard is particularly suitable where the protection of information is critical, such as in the finance, health, public and IT sectors.

IEC/ ISO 27001 is also highly effective for organisations which manage information on behalf of others, such as IT outsourcing companies.

RKMS services relating to IEC/ ISO 27001 Information Security Management System include:

  • Gap analysis to identify your current position
  • Development of a project plan including all documentation requirements and timelines for completion
  • Awareness and overview training with company personnel
  • Design and development of the ISMS including risk assessment, statement of applicability and policies
  • Implementation assistance
  • Internal auditing of the ISMS and pre-assessment audit

Contact us to arrange a no obligation visit from one of our experienced consultants to discuss your needs.

View Case Study here ISO at Outsourcery ISO27001

Download ISO27001 standard fact sheet here