Information Security ISO/IEC 27001

Overview

The Information Security Standard is published in the following parts:

ISO/IEC 27001:2005 (formerly BS 7799-2:2002) Specification for Information Security Management

ISO/IEC 27002:2005 (previously named ISO/IEC 17799:2005) Code of practice for Information Security Management

Information is the lifeblood of all organizations and can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by mail or by electronic means, shown in films, or spoken in conversation. In today's competitive business environment, such information is constantly under threat from many sources. These can be internal, external, accidental, or malicious. With the increased use of new technology to store, transmit, and retrieve information, we have all opened ourselves up to increased numbers and types of threats.

There is a need to establish a comprehensive Information Security Policy within all organizations. You need to ensure the confidentiality, integrity, and availability of both vital corporate information and customer information. ISO/IEC 27001:2005, the standard for Information Security Management Systems (ISMS), has fast become established as one of the world's biggest sellers.

What is an ISMS?
BSI Group, 389 Chiswick High Road, London, W4 4AL. Email: certification.sales@bsigroup.com
© 2007 BSI.