ISO/IEC 27001: Information Security Management System
Improve compliance with data protection requirements and reduce risks related to personally identifiable information.
Certification of your information security management system demonstrates your commitment to proactively manage and protect your information and assets and ensure compliance with legal requirements. ISO 27001 details requirements for establishing, implementing, maintaining, monitoring and improving an organisation’s information security management system.
What is ISO/IEC 27001
ISO/IEC 27001 is now the most recognized international standard for information security management systems.
- It assists organisations to establish information security management policy and objectives and understand how significant aspects can be managed, implement necessary controls and set clear objectives to improve security of information.
- It allows an organisation to manage its obligation to comply with applicable legal requirements such as GDPR (in conjunction with ISO 27701) and to regularly check the compliance status. This permits a continual improvement of the system to ensure protection and address vulnerabilities.
- It takes a comprehensive approach to information security. Assets that need protection range from digital information, paper documents, and physical assets (computers and networks) to the knowledge of individual employees. Issues to address range from competence development of staff to technical protection against computer fraud.
ISO 27001 is designed to be compatible and harmonised with other recognised management system standards. It is therefore ideal for integration into existing management systems and processes.
Accredited certification
DNV is an accredited third-party certification body and can help you throughout your journey. We provide relevant training, self-assessments, gap analysis and certification for your information security management system.
PLEASE FILL IN THE FORM TO REQUEST A QUOTE FOR ISO/IEC 27001 CERTIFICATION:
Benefits of becoming certified
ISO/IEC 27001 takes a comprehensive approach to information security and protecting assets. The standard will help you protect your information in terms of the following principles:
- Confidentiality ensures that information is accessible only to those authorised to have access
- Integrity safeguards the accuracy and completeness of information and processing methods
- Availability ensures that authorized users have access to information and associated assets when required
- Technical protection against computer fraud
To obtain certification, you need to implement an effective information security management system complying with the requirements of the standard. We provide relevant training, self-assessments and gap analysis to support you.
About DNV Business Assurance
DNV is one of the world’s leading certification bodies. Through management system certification and training services, DNV helps companies manage risks, assure compliance and sustainable performance of organizations, people and value chains across all types of industries, including food & beverage, automotive and aerospace.
DNV’s digitally enabled certification services help customers manage risks and continually improve. Whether tackling quality, environmental, safety or security challenges, DNV combines technical, industry and risk management expertise to build confidence, continuity, and resilience. DNV enables its customers and their stakeholders to make critical decisions with confidence.
Driven by its purpose, to safeguard life, property, and the environment, DNV helps tackle the challenges and global transformations facing its customers and the world today and is a trusted voice for many of the world’s most successful and forward-thinking companies.