
Information Security Management System
Registration to ISO/IEC 27001 Standard

ISO/IEC 27001, part of the growing ISO/IEC 27000 family of standards, is an Information Security Management System (ISMS) standard published in October 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its full name is "ISO/IEC 27001:2005 - Information technology -- Security techniques -- Information security management systems -- Requirements", but it is commonly known as "ISO 27001".
ISO/IEC 27001 formally specifies a management system that is intended to bring information security under explicit management control. Being a formal specification means that it mandates specific requirements. Organizations that claim to have adopted ISO/IEC 27001 can therefore be formally audited and certified compliant with the standard.

ISO/IEC 27001 requires that management:

  • Systematically examine the organization's information security risks, taking account of the threats, vulnerabilities and impacts;
  • Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
  • Adopt an overarching management process to ensure that the information security controls continue to meet the organization's information security needs on an ongoing basis.

BSCIC ISO/IEC 27001 certification involves a two-stage audit process:

  • Stage 1 is a preliminary, informal review of the ISMS, for example checking the existence and completeness of key documentation such as the organization's information security policy, Statement of Applicability (SoA) and Risk Treatment Plan (RTP).
  • Stage 2 is a more detailed and formal compliance audit, independently testing the ISMS against the requirements specified in ISO/IEC 27001. The auditors will seek evidence to confirm that the management system has been properly designed and implemented, and is in fact in operation (for example by confirming that a security committee or similar management body meets regularly to oversee the ISMS). BSCIC Certification audits are conducted by ISO/IEC 27001 Lead Auditors.
 