ISO 27001:2005
Information security management systems
Overview
Organisations have realised the importance of security. It is vital to keep confidential business information secure. Sensitive and confidential information need to protected from hackers. ISO and BSI have developed ISO 27001:2005 Information Security Management System in order to overcome the security shortcomings in organisations.
ISO 27001 aims at providing a common base for developing organisational information security standards and effective security management practices. It aims to instill a higher level of confidence in inter-organisational dealings.
The standard is published in two parts:
| ◊ |
ISO 27001: 2005 Information Security Management
|
| ◊ |
ISO-17799: Code of Practice for Information Security Management
|
ISO 27001:2005 certification
An organisation has to comply with the ISO 27001:2005 standard in terms of availability, integrity and confidentiality of company information. This organisation wide established system helps meet requirements of security and is called an ISMS is a process that takes a systematic approach to managing sensitive company information in order to keep it secure.
This process involves people, processes and IT systems of an organisation.
Benefits of adoption
Certifying your information security management system with ISO 27001 will bring the following benefits to your organisation:
|
◊
|
Systematic identification of information security risks
|
|
◊
|
Availability of a business continuity plan in case of a natural or manmade disaster
|
|
◊
|
Reduction of impact in case of risk occurance
|
|
◊
|
Efficient protection of confidential data
|
|
◊
|
Improved ability to survive such disasters
|
Certification process
The certification process is a multiple-step process. The certification cycle is described briefly:
| ◊ |
Application for certification
|
| ◊ |
Offer from PT. TÜV NORD Indonesia
|
| ◊ |
Offer acceptance from client and order confirmation by PT. TÜV NORD Indonesia
|
| ◊ |
Preaudit (optional)
|
| ◊ |
Certification audit
|
| ◊ |
Issue of certificate on successful completion of certification audit
|
| ◊ |
Surveillance audits at defined interval
|
| ◊ |
Recertification audit
|
TUV's services
PT. TÜV NORD Indonesia partners with TÜV NORD Group to bring you this certification through its extremely well organised network of qualified and experienced auditors.