ISO 27001 is an internationally recognised standard that sets out a best practice framework for an Information Security Management System (ISMS), helping organisations to protect important information by identifying risks and implementing relevant controls. The standard was developed by the ISO/IEC joint technical committee in 2005, and the most recent revised version was released in 2013.
Certification to ISO 27001 shows people you are serious about your security. It demonstrates recognised standards of information security management and governance to your customers and stakeholders. It can reassure them that you are securely managing their data to a high standard and, in turn, boost your reputation as a trustworthy partner. For many organisations, this standard is an essential component of winning new business.
All of ECSC's ISO consultants are experienced in the implementation, and certification, of an ISMS, and can help you avoid numerous pitfalls during your project. We can lead you through the project, from performing the necessary gap analysis and recommending technology improvements to helping you write the documentation and even training your employees, should you wish.
If you aren't already certified, our consultants can prepare you for your UKAS/ANAB accredited certification body assessment. If you are already certified, or following a successful certification project, we can help you manage and maintain your Information Security Management System.