What do you do to keep your business information secure?
Information and information systems are vital to your business. The electronic storage and exchange of data also presents some serious problems that you will have to confront.
Companies are at risk of cyber-attack from hackers, viruses and online fraudsters. Information security may also be compromised as the result of simple human error.
Manage cyber threat
To counter these threats, you have to identify the real information risks your company faces. Then you need to find the most appropriate ways to mitigate those risks. Adopting the ISO27001 standard will give your organisation a reliable framework for creating an information security management system.
You have a responsibility to safeguard the information you hold on behalf of your customers. Adopting the ISO27001 standard will protect the reputation of your company and safeguard its achievements.
This friendly guide, updated to reflect ISO27001:2013, presents the compelling business case for implementing ISO27001 in order to protect your information assets. This makes it ideal reading for anyone unfamiliar with the many benefits of the standard, and as a supporting document for an ISO27001 project proposal.
The business case for investing in information security
- Fight cybercrime - Introducing the ISO 27001 information security management system will help protect your business from the threat of organised crime.
- Fight cyber-terror - Terrorist organisations now work with computers as well as explosives. Introducing an information security management system makes it easier to defend your company from a destructive cyber-attack.
- Improve your corporate governance - Reducing your company’s financial exposure to the risk of losses resulting from IT system failure is now a corporate governance requirement. ISO 27001 will help you to comply.
- Recover from accidents - With ISO 27001, you can minimise the risk that your information will be lost or corrupted as a result of human error.
“… it’s as good a short introduction to info-security, and security management in general, as you could wish to find … Calder has done a grand job of setting out the case [for ISO 27001], briefly.”
Mark Rowe, Professional Security Magazine Online, Jan 2014
"A concise, readable overview of things to consider when putting together a convincing proposal for an ISMS".
Mike Smith, Consultant
Contact us if you are looking for the ISO27001:2005 edition.
“News headlines about hackers, viruses and online fraud,” warns Alan Calder, “are just the public tip of the data insecurity iceberg. Business losses through computer failure, or major interruption to data and operating systems, or the theft or loss of intellectual property or key business data, are more significant and more expensive.”
About the Author:
Alan Calder is a founder director of IT Governance Ltd. Before that he was the CEO of Wide-Learning, a supplier of e-learning, and of Business Link London City Partners (BLLCP). Alan Calder also served as a member of the Department of Trade and Industry’s Information Age Competitiveness Working Group. For many years he was a member of the DNV Certification Services Certification Committee, which certifies compliance with international standards including ISO 27001. He works with a wide range of clients on IT governance and information security projects.
Author: Alan Calder
Publisher: IT Governance Publishing
Publication: December 2013
Availability: Now available. Kindle version in preparation