ISO 27001 FAQ

(For questions relating to the Hosted Business Model, please refer to the Hosted Business Model FAQ.)

Q: What is ISO 27001:2005 Information Security Management?

ISO 27001 is an international standard for improving Information Security within the organisation.

Q: What are the Key Benefits?

- Promoting the importance of Information Security

Information is business critical to an organisation. Customers and Suppliers also want to know that information passed to your organisation will be secure. ISO 27001 provides a means to promote the organisation and demonstrates very clearly to Customers, Employees and other Stakeholders that Information Security is important to the organisation.

- Managing the Information Security Risks

It includes a cohesive, systematic approach to managing the risks associated with business information assets, in particular managing the Availability, Confidentiality and Integrity of the information held by the organisation. To support this risk management, the Standard requires a clear structure of working processes and practices focused on the continual improvement of Information Security.
Q: What is the Business Model?

The Business Model is an integrated electronic model of your business. It incorporates and interlinks the Process Diagrams describing your processes, Objectives / Action Plans / Key Performance Indicators / Responsibilities and, optionally, Risks. Existing Documents and Forms can also be linked to the relevant Process or part of the Model. The original Business Model is based on the relevant standard (i.e. ISO 27001).

Q: What is the Hosted Solution or Hosted Business Model?

The Business Model is loaded onto our dedicated server with security controls, virus checking and backups. Your employees have direct access to your Business Model using Internet Explorer or a Web Browser and can change key aspects of the Model.

Q: When should we start?

It is appreciated that often:

- there exists a limited budget allocation for business and 'Information Security' improvement.
- Resource, time and effort are simply not available to take on anything new.
- Dealing with a full order book, or trying to fill the order book, takes every hour.
- Organisations are already fully committed to activities related to new products, services, markets, staff, premises, operations etc.

There is perhaps never a right time to commit to any additional activity. However, ISO 27001 and other Standards should provide a systematic solution to cope better, extend operational capability and provide the means to handle change. The sooner you start, the sooner you can benefit from Accreditation. A decision to adopt ISO 27001 and other Standards is a straightforward commercial investment that produces a solid return and business gain.

Q: Many of our Competitors / Suppliers are ISO Registered and it hasn't done them much good!

ISO 27001 and other Standards are not miracle cures; they provide the structure and route to improved quality, but without vision, drive and enthusiasm, ISO 27001 cannot ensure that the correct destination is always reached. Change and improvement often take time to evolve: a donkey may never win a blood stock cup, but it will win in a donkey derby! ISO 27001 and other Standards are tools; how the tool is used depends on the organisation, especially senior management.