Understanding ISO 27001 standard.
This is Information Security Management Systems (English name: Information Security Management Systems): ISO 27001 is a guiding standard for Information Management. The standard sets out requirements for establishing, operating, maintaining and improving an ISMS in order to better preserve an organization's information assets.
The first part was revised in 1998, and adopted by ISO and IEC in 2000 as ISO/IEC 17799 “Information technology – Code of practice for the management of information security. Until 2005, the unified ISO 27000 family of standards was ISO/IEC ISO 27001.
Second part BS 7799 published in 1999 “Information security management systems – Specification with instructions for use”. And was unified by ISO/IEC as ISO/IEC 27001:2005 in November 2005.
The current version that is issued and applied is ISO/IEC 27001:2013, issued in 2013. In Vietnam, the latest version of TCVN ISO 27001:2019 has been issued.
Like other standards, businesses can get ISO 27001 certification by a 3rd party that has a function - (Won-Med performed ISO certification for all businesses).
Therefore, the adoption of an Information Security Management System (ISMS) is a strategic decision of the Organization to:
Information security, information storage integrity and availability through adequate management of identified risks.
Identify stakeholders and their expectations regarding the security of your information. Identify possible risks with ISMS.
Plan measures to deal with ISMS risks, setting specific goals for processes and activities.
Implement ISMS safeguards.
Measure actions taken.
Improve information security management system.
ISO 27001 certification, if issued, this will be proof of:
Proving compliance with legal requirements: Contractual agreements, information security laws…
Create a competitive advantage over your competitors.
Reducing the cost of handling information security incidents: for example, disclosing customer information, violating legal regulations, etc.
ISO 27001 Controls and Controls has 14 Control Objectives accompanied by 114 control measures.
If Enterprises in need of ISO 27001 certification or ISO standard application training, ISO standard awareness training, please contact us for support.
WONMED VINA CO., LTD.
Office in Vietnam: P7-43.OT09, Park 7, Vinhomes Central Park, 720A Dien Bien Phu, Binh Thanh, Ho Chi Minh City.
Tel: 028 3620 6200 - Hotline: 0325269326
Email: [email protected]
Website: wonmed.vn - wonmed.org
Won-Med is an ISO certification organization and provides European standard CE Marking certification services. Won-Med provides training services for ISO standard auditors, training to apply ISO standards for all businesses.
Together with Won-Med, raise Vietnamese enterprises, accompany Vietnamese enterprises to reach out to the world.