MENU

Information Security Management Systems

    1. Certificare
    2. IT
    3. ISO 27001:2013

ISO 27001:2013

ISO/IEC 27001 is the only auditable international standard which defines the requirements for an Information Security Management System (ISMS).

Information is crucial to operations and maybe even to the survival of any organization. Certification according to ISO/IEC 27001 will help an organization manage and protect its valuable information assets.

ISO/IEC 27001 is the only auditable international standard which defines the requirements for an Information Security Management System (ISMS). The standard is designed to ensure the selection of adequate and balanced security controls. This helps the organization protect its information assets and inspire confidence to any interested parties, especially its customers.

The standard is based in the process approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an ISMS.

ISO/IEC 27001 is suitable for all organizations, large or small, from any sector. It concerns especially organizations where the protection of information is crucial, such as in the finance, telecommunications, health, public and IT sectors.

ISO/IEC 27001 is also very suitable for companies that manage information on behalf of others, such as IT outsourcing companies and can function as a guarantee to customers that their information is secure.

ISO/IEC 27001 benefits

Certifying an ISMS according to ISO/IEC 27001 requirements can give the following benefits to an organization:

  • Proof through an independent certification body that the internal monitoring takes place and meets the corporate goals and strategies
  • Governance and business continuity requirements are met
  • Applicable laws and regulations are held
  • Provides a competitive edge by meeting contractual requirements and demonstrating to the organization’s customers that the security of their information is essential
  • Proof from an independent source that the organizational risks are properly identified, evaluated and managed
  • Proof of the existence of a formal and functional information security management system
  • Proof of the organization’s senior management’s commitment to the security of its information
  • Through the regular assessment process it assists the organization to monitor its performance and to improve
  • Proof that all information stored, processed by, or communicated through information systems has value to the organization

ISO 27001:2005 uses risk assessment to provide a management system to:

  • Maximize the availability of systems
  • Provide assurance that the integrity of systems, processing and information is maintained
  • Ensure that confidentiality of information is preserved.

Please Contact Us

Romania Office

Calea Bucurestilor 3A

Tel.: +40 374 305 793
Fax: +40 374 305 790

romania@tuv-nord.com

Cookie Settings
We would like to adapt the information on this website and our available services to your needs. For this purpose we use so-called cookies. Please decide which types of cookies you accept when using our website. The types of cookies that we use are described under "Details". Further information can be found in our privacy policy declaration.
Show details