[vc_row][vc_column width=”1\/2″][vc_column_text]<\/p>\n
ISO 27001 (formally known as ISO\/IEC 27001:2005) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes.<\/span><\/p>\n According to its documentation, ISO 27001 was developed to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system.”<\/span><\/p>\n ISO 27001 uses a top down, risk-based approach and is technology-neutral. <\/span><\/p>\n The specification defines a six-part planning process:<\/span><\/p>\n Define a security policy.<\/span><\/p>\n Define the scope of the ISMS.<\/span><\/p>\n Conduct a risk assessment.<\/span><\/p>\n Manage identified risks.<\/span><\/p>\n Select control objectives and controls to be implemented.<\/span><\/p>\n Prepare a statement of applicability.<\/span><\/p>\n The specification includes details for documentation, management responsibility, internal audits, continual improvement, and corrective and preventive action. The standard requires cooperation among all sections of an organisation.<\/span>[\/vc_column_text][\/vc_column][vc_column width=”1\/2″][vc_column_text]<\/p>\n The ISO 9000 family addresses various aspects of quality management and contains some of ISO\u2019s best known standards. The standards provide guidance and tools for companies and organizations who want to ensure that their products and services consistently meet customer\u2019s requirements, and that quality is consistently improved.<\/span>[\/vc_column_text][gsf_space desktop=”90″ tablet=”70″ tablet_portrait=”60″ mobile_landscape=”50″ mobile=”40″][vc_single_image image=”3119″ img_size=”full” alignment=”center”][\/vc_column][\/vc_row]<\/p>\n","protected":false},"excerpt":{"rendered":" [vc_row][vc_column width=”1\/2″][vc_column_text] What is ISO 27001? ISO 27001 (formally known as ISO\/IEC 27001:2005) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes. According to its documentation, ISO 27001 was […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"class_list":["post-3102","page","type-page","status-publish","hentry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.nanodems.com\/security\/wp-json\/wp\/v2\/pages\/3102"}],"collection":[{"href":"https:\/\/www.nanodems.com\/security\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.nanodems.com\/security\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.nanodems.com\/security\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.nanodems.com\/security\/wp-json\/wp\/v2\/comments?post=3102"}],"version-history":[{"count":3,"href":"https:\/\/www.nanodems.com\/security\/wp-json\/wp\/v2\/pages\/3102\/revisions"}],"predecessor-version":[{"id":3120,"href":"https:\/\/www.nanodems.com\/security\/wp-json\/wp\/v2\/pages\/3102\/revisions\/3120"}],"wp:attachment":[{"href":"https:\/\/www.nanodems.com\/security\/wp-json\/wp\/v2\/media?parent=3102"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}What is ISO 9001?<\/b><\/h3>\n