ISO27001 - PROTECTING BUSINESS INFORMATION
IMSM will be promoting the updated international standard ISO 27001
at C3 Expo this year.
You take precautions against theft of physical assets, you make
sure stock is controlled, and you check your bank statements regularly.
But have you thought about that other asset, the information stored
in your IT systems? How easy would it be to corrupt, copy or destroy?
ISO27001 is a management system that identifies, manages and minimizes
a range of threats to business information. It provides guidelines
for implementing a constructive risk management process, setting
up policies, and ensuring a secure infrastructure is in place.
Working on the same principle as the ISO standards, it follows
the successful Plan- Do-Check-Act model. Existing systems are incorporated.
Companies that hold the ISO27001 Standard are proclaiming that
they have taken all reasonable measures to minimize risks and prevent
unauthorized use of both company and customers' data.
How can ISO27001 help your business?
- Provides preventative measures to protect your clients' confidential
data
- Demonstrates to customers and prospects that you are observing
a duty of care
- Identifies areas of potential loss and sets up preventative
action
- Reduces the likelihood of delays, and down-time
- Protects your intellectual property
- Staff are aware of their individual responsibilities
- Provides a framework for legal compliance
- Continuous improvement built-in
IMSM's James Goldstein explains, "As businesses become less paper
based, and more information than ever is stored on computer systems,
that information is increasingly seen as an asset of the business,
and needs to be protected. It is vital to find the right balance
between giving authorized staff the tools and access needed to do
the job, and ensuring that unauthorized access is prevented. I see
it as a human problem, not an IT one. Whether in the service sector,
where companies use IT systems to manage customer data, or manufacturing,
where methodologies and supply chains are critical, there is a need
to protect their intellectual property, and that is where a documented
system of checks and balances is essential. Companies who contact
us like the fact that we do the work in a fixed number of days,
for a fixed fee, and keep disruption to a minimum. The model applied
for more than 10 years to help businesses achieve other standards
is very effective here".
13/04/06
|
