ISO 27001 specifies the management of Information Security. Applicable to all sectors of industry and commerce, it is not confined just to information held on electronic systems, but addresses the security of information in whatever form it is held.
Information is now globally accepted as being a vital asset for most organisations and businesses. As such, the confidentiality, integrity, and availability of vital corporate and customer information may be essential to maintain competitive edge, cash-flow, profitability, legal compliance and commercial image. ISO 27001 is intended to assist with this task. It is easy to imagine the consequences for an organisation if its information was lost, destroyed, corrupted, burnt, flooded, sabotaged or misused. In many cases it can (and has) led to the collapse of companies.
ISO 27001 is part of the ISO 27000 series, the generic name given to a family of international standards developed to provide a framework around which an information security management system can effectively be implemented. These standards are given below:
Gaining certification from a UKAS accredited certification body demonstrates that the security of your information has been addressed, implemented and properly controlled. But the benefits don't stop there: