About ISO 27001

 

The Information Security Management System Standard

ISO 27001 is a management system standard published in 2005 that specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks.

It applies to all types of organizations (e.g. commercial enterprises, government agencies, not-for-profit organizations) and it is not limited to the IT department. It requires the involvement of all areas of the organization in order to ensure effective implementation.

The standard specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof and is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.

ISO 27001 can be used within organizations to formulate security requirements and objectives, which include ensuring that security risks are cost-effectively managed, defining new information security management processes, and ensuring compliance with laws and regulations. The standard can be used by the management of organizations to determine the status of information security management activities.

As an accredited Third-Party Certification Body for ISO 22000, our Approach to Certification services is one where we create a positive environment which is conducive to achieving Management System objectives.

The Steps for Certification demonstrates the process that we undertake for Management System certification to ISO 22000 based on ISO 17021 (the standard that applies to Management System Certification Bodies).

QSI can support organizations that are currently certified or that have chosen a different Certification Body by providing Assessment Services to either help get them ready for Certification and/or by providing on-going Internal Audits after ISO 22000 Certification has been achieved.

The Steps for Certification demonstrates the process that we undertake for Management System certification to ISO 27001 based on ISO 17021 (the standard that applies to Management System Certification Bodies).

QSI can support organizations that are currently certified or that have chosen a different Certification Body by providing Assessment Services to either help get them ready for Certification and/or by providing on-going Internal Audits after ISO 27001 Certification has been achieved.

For individual ISO 27001 Auditors, Consultants, Instructors and Technical Experts that wish to become Certified, QSI administers a Personnel Certification Program based on ISO 17024.

If you need additional information on how QSI can help you meet your organizational or personal development and improvement objectives, please feel free to Contact Us.

 

© 2008 QSI America, Inc. All rights reserved. "QSI" refers to QSI America, Inc, a Florida Corporation and its global network of Business Partners, each of which is a separate and independent legal entity.