ISO 27001 - Information security management system

ISO 27001 - Information security management system

Information Security Management System based on the international standard ISO 27001 is an effective system for the creation, management and continuous improvement of the protection of information assets.

The ISO 27001 specifies the processes, it is possible to maintain an effective system of business information security management in the context of existing business risks of the organization.

This standard defines information security as «preservation of confidentiality, integrity and availability of information; in addition, may include other properties such as authenticity, non-repudiation, authenticity».

The main objective of information security is to protect information assets from internal and external threats of intentional and unintentional (forgery, vandalism, theft, fire, system failure, and others.).

Expected benefits accruing to the company the introduction of ISO 27001

  • Increased security of information assets of the enterprise;
  • Improved handling of information risks;
  • Reduce the likelihood of financial loss in connection with the upcoming threats to information security;
  • Consumer confidence in the company is that its information assets are protected;
  • Competitive advantage in the market.