◊ Certification Services - ISO IEC 27001:2005 Certification

The ISO IEC 27001: 2005 Certification has to be acquired by all types of organizations [E.g. Commercial enterprises, government agencies, not for profit organizations). ISO/IEC – 27001:2005 specified the requirements for establishing, implementing, operating, and monitoring, reviewing, maintaining system within the context of the organization’s overall business risk. ISO IEC 27001: 2005 specifies requirements for the implementation of security controls customized to the needs of individual organizations (or) parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.

ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following:-

- Use within organizations to formulate security requirements and objectives.
- Use within organizations as a way to ensure that security risks are cost effectively managed
- Use within organizations to ensure compliance with laws and regulations
- Use within an organization as a process framework for the implementation and management of controls to ensure that the specific security objectives of an
  organization are met
- Definition of new information security management process
- Identification and clarification of existing information security management processes
- Use by the management of organizations to determine the status of information security management activities
- Use by the internal and external auditors of organizations to determine the degree of compliance with the policies, directives and standards adopted by an
  organization
- Use by organizations to provide relevant information about information security policies, directives, standards and procedures to trading partners and
  other organizations with whom they interact for operational or commercial reasons.
- Implementation of business-enabling information security.
- Use by organizations to provide relevant information about information security to customers.

Copyright @ 2014. Progressive Certification Services.
Developed and Managed by SME Business Services Ltd.