Friday, October 11, 2013

ISO 27K What?

What is ISO 27000?

 
 
With the growth of the internet and the explosive emergence of mobile technology, managing information security has become even more vital and should encompass all aspects of an organization's operations. As consumers, we would like to be certain that an organization is protecting our information. For instance, if you use a website, you want to be assured that the information you provide is safe from internal or external threats.
One way to accomplish this is by utilizing the ISO 27000 series of security standards. The ISO 27000 series originated from the British Standard 7799. It consists of information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It is an optional qualification that organizations can use to show that they meet a certain level of information security development.
The series is designed to cover more than just privacy, confidentiality and technical security issues; it also focuses on all business processes and business assets. Currently the ISO 27000 series contains six publicly available parts, each dealing with a different area of IS Security Management. However, there are several more being developed.
 

Plan - Do - Check - Act


 


The ISO 27000 series utilizes the Plan-Do-Check-Act model in its procedures. Just like a circle has no end, the PDCA cycle should be repeated again and again for continuous improvement.
 
If you would like to find out more about the ISO 27000 series, please follow these links:

ISO 27000 Security
ISO Standards
 
