What is...
ISO 27001 - ISO 27001 is an information security standard published by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee, ISO/IEC JTC 1/SC 27. It is a specification for an information security management system (ISMS). Organisations that meet the standard may be certified by an independent and accredited certification body on successful completion of a formal compliance audit.
​
However, organisations don't have to be certified to benefit from ISO 27001. Many companies find that compliance is enough for them: they implement the principles and establish policies and control frameworks but stop short of certification.
​
Certification and compliance can both be expensive, complex and challenging endeavours for organisations to undertake, so it is important that careful cost-benefit and gap analysis is conducted before setting out in search of certification or compliance.
​
The experts in our sister company, Predator IT, can help you make this determination and also help you plan and execute a series of self-assessment exercises so that you understand your current risk. They are here to help you manage your risk.
​
For more information on ISO 27001 visit their website.