Qatar Quality Plus - Management System Consultants and Trainer in Doha - Qatar

ISO 27000

ISO 27000 is part of a growing family of ISO/IEC ISMS standards, the 'ISO/IEC 27000 series'.

ISO 27000:2009 provides an overview of information security management systems, which form the subject of the information security management system (ISMS) family of standards, and defines related terms.

The objective of the standard itself is to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System".


The adoption of ISO 27000 should be a strategic decision. Further, "The design and implementation of an organization's ISMS is influenced by their needs and objectives, security requirements, the process employed and the size and structure of the organization".

Need for ISO 27000

ISO 27000 contains best-practice guidance to help protect the confidentiality, integrity and availability of the information on which we all depend - information such as our bank accounts, health and defense data, and all forms of intellectual property.

Benefits of ISO 27000

Interoperability:
This is a general benefit of standardization. The idea is that systems from diverse parties are more likely to fit together if they follow a common guideline.
Assurance:
Management can be assured of the quality of a system, business unit, or other entity if a recognized framework or approach is followed.
Due Diligence:
Compliance with, or certification against, an international standard is often used by management to demonstrate due diligence.
Benchmarking:
Organizations often use a standard as a measure of their status within their peer community. It can be used as a benchmark for current position and progress.
Awareness:
Implementation of a standard such as ISO 27001 can often result in greater security awareness within an organization.
Alignment:
Because implementation of ISO 27001 (and the other ISO 27000 standards) tends to involve both business management and technical staff, greater IT and business alignment often results.

Who does the standard apply to?

ISO 27000:2009 is applicable to all types of organization, i.e. commercial enterprises, government agencies and non-profit organizations.

ISO 27000 - How does it work?

The objectives of ISO/IEC 27000:2009 are to provide terms and definitions, and an introduction to the ISMS family of standards that:

1. Define requirements for an ISMS and for those certifying such systems
2. Provide direct support, detailed guidance and/or interpretation for the overall Plan-Do-Check-Act (PDCA) processes and requirements
3. Address sector-specific guidelines for ISMS
4. Address conformity assessment for ISMS



Qatar Quality Plus, P.O.Box: 202451, Ph. 4438.3818 | 5536.1165, Fax 4438.3838, Email : info@qatarqualityplus.com