Information Security
ISO 27001 is a specification for the management of information security. It is
applicable to all sectors of industry and not confined to just information held on
computers. Information may be printed or written on paper, stored electronically,
transmitted by post or email, shown on films, or spoken in conversation.

ISO 27001:2005

Why apply for ISO 27001 certification?
The objective of ISO 27001certification is to ensure that there are adequate confidentiality, integrity and availability controls in place to safeguard the information of interested parties. These include clients, employees, trading partners and consumers.
Unprotected systems are vulnerable to an array of threats, including computer-assisted fraud, sabotage and viruses. Such threats can be internal or external, accidental or malicious. Breaches in information security can allow vital information to be accessed, stolen, corrupted or lost.
Benefits to your company of ISO 27001 certification
The ISO 27001 standard is intended to assist with these risks. It is easy to imagine the consequences and damage to a brand or organisation if its information was lost, destroyed, corrupted, burnt, flooded, sabotaged or misused.
An information security management system compliant to ISO 27001 can help you demonstrate to clients and suppliers that you take information security seriously. You will gain a competitive advantage; an ever-growing number of companies require certification to ISO 270001 as a prerequisite for doing business.
  • Demonstration of credibility and trust
  • Proven business credentials
  • Establishes that laws and regulations are being met
  • Openings in new markets
  • Ensures commitment to on-going information security
  • Customer satisfaction
  • Provides confidence to stakeholders, customer, trading partners, employees
Requirements of the ISO 27001 standard
The main requirements of the standard can be categorised as follows:
  • Security policy
  • Communications and operations management
  • Organisational security
  • Access control
  • Asset classification and control
  • System development and maintenance
  • Personnel security
  • Business continuity management
  • Physical and environmental security
  • Compliance with legislation
  • Systematic approach
  • Demonstrate conformity against specific targets and objectives
  • Improved management of environmental risk

Dowload Application Form