- Main Navigation
- Products + Services
- Certificates + IDs
- Path to current document:
- Home
- Products + Services
- Training and Consulting
- ICT Related Services
ICT Related Services - ISO 27001
The rising number of security breaches over the years have contributed to increasing security concerns among organisations throughout the world. Therefore there is a more urgent need than ever to look at security from a holistic perspective, and to have a security management methodology to protect vital information systematically.
ISMS (Information Security Management System) was initially the initiative from the UK Department of Trade and Industry in 1995 and its main objective was to provide a code of practice to information security practitioners. ISMS concerns itself with the security of information whether in physical or logical form and focuses on three areas: the confidentiality, integrity and availability of information or usually referred to as CIA.
There are various benefits associated with a comprehensive ISMS implementation. The following diagram highlights some of the benefits of ISMS as listed out by the participants of NISER's ISMS Survey.
The following are some of the benefits associated with ISMS implementation that we observed during the running of the consulting and training programme to our clients:
- Improved understanding of business aspects
- Reductions in security breaches and/or claims
- Reductions in adverse publicity
- Improved insurance liability rating
- Identify critical assets via the Business Risk Assessment
- Ensure that ”knowledge capital” will be ”stored” in a business management system
- Be a confidence factor internally as well as externally
- Provides a systematic way for organisations to manage their information security setup through the implementation
- Provide a structure for continuous improvement
- Enhance the knowledge and importance of security-related issues at the management level
There are no exceptions when it comes to which organisations that are supposed to implement ISMS. Basically every organisation that handles information are recommended to implement it, be it financial institutions, government agencies, IT companies, hospitals, universities, insurance companies, R&D-based companies and so many others.
