ISO 27001:2013 is a technical standard for Information Security Management Systems (ISMS).

This international standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of an organization. This standard also includes the requirements for the assessment and treatment of information security risks tailored to the needs of organization.

​

BENEFITS

• Alignment of information technology services and business strategy resulting improved information security.

• Provides a benchmark type comparison with best practices

• Creates competitive advantage via the promotion of consistent and cost-effective services.

• By requiring ownership and responsibility at all levels, it creates a progressive ethos and culture.

• Reduction of risk and thus cost in terms of external service receipt

• Through the creation of a standard consistent approach, aids major organizational changes.

• Enhanced reputation and perception

• Fundamental shift to pro-active rather than re-active processes

• Improved relationship between different departments via better definition and more clarity in terms of responsibility and goals.

• Creation of a stable framework for both resource training and service management automation.