About ISO/IEC 27001:2005

ISO27001 replaced the original standard, BS7799-2. The latter was a long established information security standard. Strictly speaking, this is a specification for an ISMS (IS Management System)

ISO 27001 is the formal standard against which organizations may seek independent certification of their Information Security Management Systems (meaning their frameworks to design, implement, manage, maintain and enforce information security processes and controls systematically and consistently throughout the organizations).

 

Advantages of the ISO 27001 Standard

Just as ISO 9000 is a guarantee of quality, this standard constitutes a mark of confidence in a company's overall security. A number of authors have identified other benefits generated by the ISO 27001 standard, notably:

For further information on ISMS, please click the link below: