
How important is ISO/IEC 27001 (Information Security Management) certification in your activities?

Question asked by Eric Hibbard Employee on Jul 9, 2013
Latest reply on Oct 2, 2013 by Eric Hibbard

The objective of ISO/IEC 27001 (and its companion ISO/IEC 27002) is to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System". It employs the PDCA (Plan-Do-Check-Act) model to structure the processes. An ISMS may be certified compliant with ISO/IEC 27001 by a number of Accredited Registrars worldwide. Even for organizations that don't seek certification, ISO/IEC 27001 often drives the contents of their security policies.