The ISO/IEC 27001:2005
is the newest management system standard to help ensure information security. This leading-edge tool helps enable organizations to organize information security processes
and document subsequent actions in a format that allows companies to implement security controls that can be customized to their specific business needs.
The ISO/IEC 27 001:2005 Standard forms a complementary pair with the ISO/IEC 17 799:2005 - Code of practice for information security management, and replaces the British Standard BS 7799-2 used previously by organizations to register their ISMS. The standard is intended to provide the foundation for third party audit, and is "harmonized" with other ISO standards
such as the ISO 9001 and ISO 14001.
The basic objective of the standard is to help establish and maintain an effective ISMS
, using a continual improvement approach. The ISO 27001 standard integrates the OECD (Organization for Economic Cooperation and Development) 9 principles governing security of information and network systems adopted by the OECD Council at its 1037th session held on July 25th, 2002.
|Registering to the standard demonstrates to business partners and customers that your organization is committed to privacy and security.|
ISO 27001 can help with:
About QMI - SAI Global
- Minimizing the risk of privacy and security breaches
- Demonstrating due diligence for compliance with privacy laws
- Defining the security process
- Creating security objectives and requirements
- Cost-effectively managing security risks
- Ensuring the organization's security objectives are met by providing a roadmap for managing requirements
- Complying with government, industry and other regulations
- Providing a uniform platform to show customers and partners how information is secured
- Determining the extent of compliance with corporate directives and government policies
QMI - SAI Global has registered over 24,000 service and manufacturing organizations to a wide range of ISO and industry standards. More than 400 QMI - SAI Global-certified audit professionals are located across North America, providing a convenient, local source for registration services. Behind these auditors are dedicated QMI - SAI Global service teams, providing focused customer support from seven full-service offices coast to coast.
QMI - SAI Global is not only one of North America's leading management systems registrars, we are also a leader in helping companies use the registration process to make real and lasting improvements in their business. QMI - SAI Global recognizes that most companies don't see obtaining a registration certificate as the end of their management systems journey. It's a milepost in your continuing pursuit of business excellence to ensure information security throughout your organization.
QMI - SAI Global Auditors Are More Knowledgeable, Better Informed
Customers choose QMI - SAI Global because we are a supplier to depend on, and clients stay with us each year because of the value and insight that our auditor gives to their business.
A Source of Training Excellence
QMI - SAI Global offers a comprehensive range of learning products covering information security management system standards to support your training needs. From introductory overviews for executive management to advanced ISO 27001 courses for your core implementation team members, QMI - SAI Global offers training courses that are developed and delivered by experienced auditors who have an in-depth knowledge and understanding of the standard. QMI - SAI Global training programs help ensure that initial improvements in your operations are sustained and that opportunities for further improvement are recognized.
For more information, visit our training section