Monday 10 May 2010

ISO 27001

We’re working on a couple of ISO 27001 projects at the moment. For those who aren’t aware, ISO 27001 is an internationally recognised standard for information security, much like ISO 9001 is for quality management.



The demand seems to be coming primarily from clients who are bidding for contracts which are now starting to require ISO 27001, along with the usual standards such as ISO 9001, IIP, etc.


Although it seems daunting at first, ISO 27001 is designed to fit the size and complexity of the organisation, so it doesn’t impose complex, far-reaching requirements on smaller, simpler organisations.


At the heart of ISO 27001 is the Information Security Management System, or ISMS. This is basically a document containing policies and procedures which, if followed, reduce the risk of information being lost or released.


We’ve been working closely on these projects with a specialist ISO 27001 consultant and auditor, so between us we’re able to create the ISMS with the client, and then take them through the initial and compliance audit process.

If you have any needs in this area, please do not hesitate to get in touch and talk to us, or visit our website at http://www.ramsac.com/
