A new standard for IT security

According to today’s article by Mikael Vingaard at itmanagersjournal.com, the new ISO 27001 standard, created by the International Standards Organization for Information Security Management Systems (ISMS), “can help to locate existing security problems and prevent future threats before they prove harmful to your organization”.

An ISMS is a planned way of managing an organization’s information so that it remains secure, by applying the right methodology to people, processes, and IT systems. ISMS best practices include a wide range of planning to ensure business continuity, minimize business damage, and maximize ROI and business opportunities.

Internationalization of ISO standards will create a demand for a recognised ISMS certification. In the future, clients may ask whether your organization has achieved ISO 27001 certification. Besides providing “marketing” value, certification helps IT managers create a framework based on a “Plan-Do-Check-Act” approach. In general, achieving ISO 27001 certification mitigates the risk of human error by putting sound procedures and regulations in place.

If the Sarbanes-Oxley Act is relevant for your business, ISO 27001 could be your best way to get a framework.

There are clear relationships between ISO 27001 and the Sarbanes-Oxley Act’s requirement to develop an information security management system that is integrated, comprehensive, and incorporates widely recognized best practices.

This blog is run by the authors of FindProtected.
FindProtected is a security program that allows you to search for password-protected files. With FindProtected, you can effectively identify protected files containing sensitive data on your network.
