ISO27001 Working for your business

ISO/IEC 27001:2013 is the international standard that provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS).

As the fear of security issues increases in business, customers are looking for reassurance from companies, which are likewise seeking reassurance from their suppliers, that information security is being managed to ensure protection of their data. For many companies, the way to respond to these concerns is alignment with ISO27001.

This article covers some of the key points we have found that will make ISO27001 work for your business. […]

Management Buy-in for ISO27001 Implementation

Overcome obstacles for Management Buy-In for Information Security

For any security plan to be effective, the co-operation of staff at all levels is essential. Achieving this is easier said than done, with other priorities and lack of communication often proving to be stubborn obstacles.

To ensure staff buy-in, management must be seen to fully support an information security plan, and this can be a tough obstacle to overcome. Finding the best way to justify a security plan in the face of objections can be a challenge, but being prepared with the facts about the risks and benefits will be a big advantage. […]