ISO/IEC 27001 – Information security
Information is one of the most valuable assets of an organisation. Inappropriate handling of information or the release of confidential information harms the reputation of an organisation and can even lead to claims for damages or legal action. Apart from external threats, such as viruses, spyware or hacking, internal risks of incorrect and incomplete handling of data are crucial.
Every organisation, big or small, benefits from proper protection and correct management of information and information systems. Setting up an Information Security Management System (ISMS) is therefore a precondition for achieving accuracy, completeness, availability and confidentiality of company information. The ISO/IEC 27001 can be used as a basis for this purpose.
The most recent version of ISO/IEC 27001 was published in 2013 and ISO/IEC 27004 in 2016. It is also available in a Dutch & French version. Its structure was entirely revised according to the new High Level Structure (HLS), which matches the new structure of the 2015 editions of ISO 9001 and ISO 14001.
This information session is particularly suited for professionals who want to get to know the ISO/IEC 27000 series:
- ICT managers or officers
- Information security officers
- Employees of ICT departments
- ICT auditors
- ICT consultants
- Internal auditors
- Financial auditors
- Risk Managers
- Operations managers
- Financial managers
The standard ISO/IEC 27001 provides a framework for defining, implementing, executing, monitoring and improving information security within an organisation. Other standards from the ISO/IEC 27000 family contain more detailed guidelines for risk management or control measures.
The effective application of ISO/IEC 27001 offers the following advantages:
- Proper protection of proprietary information.
- Managing ICT risks and thereby avoiding reputation damage, claims or legal action.
- Proper information security creates trust with shareholders and stakeholders.
- Certification to ISO/IEC 27001 increases the market value of the organisation if information processing is its core business.
- In certain sectors security is a basic requirement, especially if sensitive information is processed.
This training is organized in collaboration with the NBN Academy.