Is an ISO/IEC 27001 understanding necessary? | ALC Training News
- No comments
There's currently shortage of choice for IT security courses, but choosing the correct standards and frameworks can be difficult.
ISO/IEC 27001 deserves consideration from professionals, as it covers a number of areas. This article will explore exactly what it is can how it can be utilised.
What is ISO/IEC 27001?
ISO/IEC 27001 is the pre-eminent global standard for information security management systems (essentially a set of policies designed to handle information security).
The most recent update was published in October 2013, bringing much of the framework up to date with other certifications and standards. It now covers organisational context and stakeholders, how to best plan a security management system implementation, and how to make the system operational.
Sections are also dedicated to reviewing system performance and putting corrective actions in place where and when required.
As security is such a high priority for modern enterprises, it's important that up to date standards are used at all stages of a security system implementation.
Several stages have been outlined below, with uses of the ISO/IEC 27001 standard explained. These uses can be applied to a number of different security scenarios.
- Planning – Here, the ISO/IEC 27001 standard can be used to identify, analyse and plan to treat IT security risks.
- Operation – The standard goes into detail here about assessing and treating risks, as well as managing changes.
- Evaluation – ISO/IEC 27001 can be utilised to monitor, analyse and audit IT security practices and management systems to make improvements where required.
- Improvement – When security audits and reviews are performed, professionals can use the standard to assess where changes are required.
It's easy to see how the ISO/IEC 27001 standard can be utilised to great effect across a wide range of security applications. If you'd like more information on ISO/IEC 27001, or want to take part in a course to gain certification, speak to ALC training today.
- ALC’s Cyber Scholarship Program – A Community Support Initiative
- ASD scraps Cloud Security Certification Program – Now What?
- Cybersecurity in your pocket: The essentials of mobile malware
- Where to Start with Digital Transformation?
- InfoSec Skilled Workforce Shortfall – Reality?
- What is the Office 365 Security & Compliance Centre?