ISO 27001 training and certification
ISO 27001 (ISO/IEC 27001:2013) is the international standard that provides the specification for an information security management system (ISMS).
The Standard is designed to help organisations manage their information security processes in line with international best practice while optimising costs. It is technology and vendor neutral and is applicable to all organisations - irrespective of their size, type or nature.
ISO 27001 emphasises the importance of risk management, which forms the cornerstone of an ISMS. All ISO 27001 projects revolve around an information security risk assessment - a formal, top management-driven process which provides the basis for a set of controls that help to manage information security risks.
By implementing an ISO 27001-compliant ISMS, organisations will be able to secure information in all its forms, increase their resilience to cyber attacks, adapt to evolving security threats and reduce the costs associated with information security.
ISO/IEC 27001:2013 controls:
- A.5 Information security policies
- A.6 Organisation of information security
- A.7 Human resources security
- A.8 Asset management
- A.9 Access control
- A.10 Cryptography
- A.11 Physical and environmental security
- A.12 Operational security
- A.13 Communications security
- A.14 System acquisition, development and maintenance
- A.15 Supplier relationships
- A.16 Information security incident management
- A.17 Information security aspects of business continuity management
- A.18 Compliance
How ForceOnesecurities can help you
Our implementation methodology has been honed over many years. We offer everything you need to implement an ISO 27001/27017/27018-compliant ISMS – you don’t need to go anywhere else. We guarantee certification (provided you follow our advice!). You benefit from real-world practitioner expertise, not just academic knowledge.