WHY ESTABLISHING INFORMATION SECURITY MANAGEMENT SYSTEM?
- Organizing reputation
- The system of standardized processes to ensure the security of information system
- Protection of confidential information, ensure the availability of information and related services, prevent illegal modification of information
- Reduce the cost of troubleshooting
WHAT IS ISO 27001?
ISO 27001 (compatible with ISO/ IEC 17799:2005), formally specifies as Information Security Management System (ISMS). An ISMS is a framework of policies and procedures including all legal, physical and technical controls involved an organization’s information risk management processes.
- Being an international standard including 11 control clauses, 39 control objectives, 133 possible controls.
- Establish the policies, processes and procedures related to risk management and the improvement security to provide results are line with policies and objectives of the organization.
- Apply a specific to maintain and improve continually matching the standards.
- Reinforce IT security as managing a company. Apply OECD principle of privacy and security.