ISO 27001


Dependence on information systems and services means organizations are more vulnerable to security threats. Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected. By proper identification and classification of those assets and a systematic risk assessment of threats and vulnerabilities your company can select appropriate controls to manage those risks and demonstrate that it is preserving confidentiality, integrity and availability of those information assets to clients, consumers, shareholders, authorities and society at large.


What is ISO 27001?

ISO 27001 is an International Standard giving requirements related to Information Security Management System in order to enable an organization to assess its risk and implement appropriate controls to preserve confidentiality, integrity and availability of information assets.

The fundamental aim is to protect the information of your organization getting into the wrong hands or losing it forever.

What are the key benefits?

• Due to dependability of information and information systems, confidentiality, integrity and availability of information is essential to maintain competitive edge, cash-flow, profitability and commercial image.

• Compliance with legal, statutory, regulatory and contractual requirements.

• Improved corporate governance and assurance to stakeholders such as shareholders, clients, consumers and


• Through a proper risk assessment, threats to assets are identified, vulnerability to and likelihood of occurrence

is evaluated and potential impact is estimated, so your investment is allocated where it is necessary



Does ISO 27001 apply to all industries?

Yes, all organizations have information assets and can benefit of implementation and certification of an ISMS.

ISO 27001 is all about IT, isn’t it?

No, ISO 27001 covers all aspects of information exchange, from computer data to conversations in public areas, including securing of physical perimeters and initial personnel screenings.

ISO 27001 will help you to assure business continuity under almost all circumstances, such as fire, flooding, hacking, data loss, confidentiality breach and even terrorism.

It is possible for an organization to put in place a policy on information security that covers all forms of communication and data storage.