ISO 27001 is a standardized set of requirements, developed by ISO/IEC, that describes an Information Security Management System (ISMS). An ISMS is a set of policies, processes and procedures which, when integrated and executed in concert, provide an information security infrastructure suited to your organization’s business needs. An ISMS compliant with 27001 provides not only the desired, appropriate and complete level of security, but also the processes and documentation needed to ensure that security is demonstrable and repeatable.
Provable security is critical in the course of ordinary business operations in order to satisfy customers, regulatory bodies, legal agencies, employees or others that your handling and treatment of information assets is robust and as expected.
Obvious business requirements already drive investment in security, to which billions of dollars and significant energy are applied globally each year. As with any investment, it is critical to understand whether the investment was well made and whether the return will be as expected.
Unfortunately, even where security investments have been extensive, any lack of completeness, accountability or overall applicability can render them ineffective. Said differently, while any respectable IT team can reasonably lock down networks and systems, any number of other unaddressed or poorly addressed risks to your assets could still be exploited, with potentially damaging results.
ISO 27001 is holistically effective because it takes a top-down approach to information security, requiring careful consideration of your assets, tolerance for risk, budget, staff, future plans and overall business needs. Once these aspects are understood and documented, policies that make sense for your organization are created and documented, followed by the implementation of suitable procedures and an ongoing review process. By following the “plan, do, check, act” cycle, your actual security will match your plans not just today, but into the future.