ISO 27001: A new standard for IT security

Information security flaws can create havoc within your business operations. The ISO 27001 standard for information security management systems can help to locate existing security problems and prevent future threats before they prove harmful to your organization. ISO 27001 is the new international standard created by the International Standards Organization for Information Security Management Systems. An ISMS is a planned way to managing an organization’s information so that it remains secure, by using the right methodology of people, processes, and IT systems. The best practices for ISMS includes a wide range of planning to ensure business continuity, minimize business damage, and maximize ROI and business opportunities. The standard sets out how the planning process should go and specifies the components that must be identified; people, processes, and pratices are essential. Official known as ISO/IEC 27001:2005, this standard, published last October, will replace the British BS7799-2 and the ISO 17799 standard; the latter may, however, be renumbered ISO 27002, but ISO has not made a final statement regarding ISO 17799 renumbering yet.

Published in


Date added: 10/16/2008


Leave a Comment