Email Us Here | Call Now on +44 (0)1635 595123

ISO 27001 Information Security Management Standard




ISO 27001 certification was developed with a similar approach to ISO 9001 certification, but covers the management of Information Security risks and resources. ISO 27001 is the Information Security Management Standard. Its requirements are based on Best Practice to assist in managing your Information assets and associated risks.

Click the following links for more specific information:

– What is ISO 27001 Certification?
– Benefits of ISO 27001 Certification
– Why you need it?
– How to gain ISO 27001 Certification?
– How much does it cost?

What is ISO 27001 Certification?

Under worldwide competitive pressure, organisations are trying to reduce costs, speed up the supply chain and improve service. This has encouraged the creation of partnerships and the reduction of duplicate costs within a supply chain. Examples of such duplicated costs include re-entering order details and goods-in sampling and inspection.

One way to achieve these savings has been the sharing of commercially sensitive information. However, there is concern about the security of such information once it is passed to other organisations in the supply chain.

To answer this concern, as well as other security issues since "9/11", ISO 27001 was developed to provide externally assessed checks of data security. Please note that ISO 27001 does not just cover the security of electronic data and therefore should not be considered the concern of IT or computer specialists alone.

The Standard is not just about guarding & protecting Information. Instead it is about understanding the risks and information requirements of the business. The sometimes conflicting requirements of “Availability”, “Confidentiality” and “Integrity” need to be assessed and suitable processes, training and controls implemented.

The system is designed and documented to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.

Note: Information Security is often viewed as primarily an IT Departmental responsibility. However, it is a business-wide requirement, though obviously there should be significant IT involvement.

ISO 27001 is relevant to any business that is serious about its Information assets. Where a requirement is not applicable, it can be considered as a justified exclusion.

Benefits of ISO 27001?

  1. Manage your Information Assets better
  2. Reduce your Information related Risks. Ensure the right information is available at the right time to only the right people.
  3. Understand your legal & other requirements – then manage them
  4. Improve and Protect your Reputation – not only the legal requirements but also better manage & reduce near-misses & incidents
  5. Required by Customers, Suppliers or Employees, or for Regulatory compliance. Information is valuable; they will want to know that you will guard their business information when it is given to you.
  6. Improve your Business resilience

When to start? – Now, and benefit sooner. Call or email us.

Why You Need It?

Any organisation that is serious about Information Security needs it. All requirements of this International Standard are generic and are intended to be applicable to all organisations, regardless of type, size and information. It covers your Information Security responsibilities.

How to Gain ISO 27001 Certification

The quick answer is to contact us, but there are common steps:

  1. Review your operation compared to the Standard's requirements & then document
  2. Implement, train & refine
  3. Check internally (Audit) & Management Review; continue the refining
  4. External Check (UKAS accredited Assessor). When successful, Certification follows, then ongoing yearly Surveillance visits

Three Format Options for documentation of the Information Security Manual, Procedures / Process Diagrams and Forms:

  1. Text – the traditional approach but limits the opportunity for Business Improvement
  2. Process Diagrams – assists with clearer understanding of processes and process interaction but often cumbersome to interlink electronically
  3. Integrated Per4ma Business Model – Opportunity for Business Improvement

Contact us today for the first steps to ISO 27001 Certification

How Much Does it Cost?

Invest in your future by improving your Business. We have options to suit your situation, including:

  • Price Right – The Cost Effective Solution – if the Cost of achieving ISO is the critical factor. We personalise & document your Systems to comply with the relevant Standard & check compliance before UKAS accredited Assessment
  • Manage Right – The Time Effective Solution – We save you Time. If you do not have the internal resources for the Documenting, Project Management & Training, we assist.
  • Risk Right – If you do not have the internal resources for the Documenting, Project Management, Admin & Training, we can assist as Deputy Quality Management Representative
  • Support Right – Support as & when you want it – whether Onsite assistance & Auditing / Convert documentation / Additional Standards (e.g. ISO 13485, API Monogram & Q1, AS 9120 etc.) / Improvements / Refresh your System.
  • Personalised Solution

Call us: (0)1635 595123
Email us: info@charter4.com
For a free discussion or quote or for further information about this certification standard.
