ISO27001 – The IT Security Policy Standard
ISO27001 was developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) as a certification standard for information security management systems. ISO27001 certification can be a powerful credential for an organization, showing that their IT security policy follows an international standard of due care.
ISO27001 is designed to be used in conjunction with the ISO 17799:2005 “best practice” recommendations for information security management. To achieve ISO27001 certification, organizations must adopt a risk-based approach that uses the security controls specified within ISO 17799:2005.
Information Shield has the tools your organization needs to save money while developing an IT security policy that will enable ISO27001 certification.
Information Security Policies Made Easy provides over 1300 security policies built within the ISO 17799:2005 framework. The ISO 17799:2005 policy map outlines the security policies that will lead you to ISO27001 certification, providing coverage of each security domain and sub-clause.
Information Security Roles and Responsibilities Made Easy is a perfect companion product, helping your organization define and document the roles and responsibilities recommended by ISO 17799:2005. It includes job descriptions with security requirements, organizational charts, and departmental mission statements, all designed to facilitate your organization’s move to compliance and certification.
Information Security Policies Made Easy does more than just enable development of your IT security policy. It shows you how to maintain and monitor those policies as required by the certification process.
Why re-invent the wheel? We can provide you with detailed IT security policy solutions, saving you hundreds of man-hours and thousands of dollars. Please contact Information Shield today for more information on how we can help with your ISO27001 certification.