1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ISO27001 Review

Discussion in 'Other IT certifications' started by Rob1234, Jun 19, 2012.

  1. Rob1234

    Rob1234 Megabyte Poster

    782
    24
    69
    Not sure if anyone has done this qualification or is interested in it but thought I would write a review on my experience of it.

    There is a few different types of ISO27001 Certifications you can do ranging from foundation, to lead implementer or lead auditor. A quick look on Google or some training provides will tell you more about each. Basically an implementer will be in charge of implementing an ISMS to ISO27001 standard while a Lead Auditor is intrested in auditing an ISMS to ISO27001 standard.

    The exams are designed to be taken as part of a one week training course although if you want you can just sit the exams but you will miss a lot of things you will need to know to be an auditor as the exam only covers a small range of what is required which is why most places will only let you sit the exam if you go on a training course first. Which can be annoying as the average cost of a course is around £1500. If anyone would like to know the training provider I used they can PM and I will give them some details.

    I decided to do the Lead Auditor course and would recommend the following books:

    Information Security Risk Management, 2nd Edition: Amazon.co.uk: A Salder, S Watkins: Books This book covers all you need to know but not in too much detail it can be a little dry to read but is worth reading.

    An Introduction to Information Security and ISO27001: Amazon.co.uk: S Watkins: Books This book is very short and basic but if you have no knowledge of ISO27001 is a good starter to get you involved.

    IT Governance: A Manager's Guide to Data Security and ISO 27001 / ISO 27002: Amazon.co.uk: Alan Calder: Books Has a lot of detail more than is needed for the exam but is very good especially if you go on to do the ISO27002 exams.

    One thing you definitely need to buy is the ISO27001 standard although it’s not needed I would also recommend the ISO27002 standard, these may seem expensive at around £100 I think but without the ISO27001 standard you will struggle with the course and these are not included with the course.

    This course and qualification might not be for everyone and is not a technical qualification at all but I found it interesting and would recommend it.
     
    Certifications: A few.
    ade1982 likes this.
  2. Thiru01

    Thiru01 Bit Poster

    13
    0
    2
    The business with ISO 27001 certification which intend commit to protect the information and the compliance relate digital data, papers and the employee information.

    ISO 27001 standard provides a systematic framework to effective security system and minimizing the risk of unknown users.

    ISO 27001 standards provide a structure for securing and managing information and relate to legal compliance, through this process which improves the performance of managing security information.
     
  3. Thiru01

    Thiru01 Bit Poster

    13
    0
    2
    Please provide more about ISO 27001 Certification Standards .what is the Current updates of ISO 27001 Standards?
     
  4. Thiru01

    Thiru01 Bit Poster

    13
    0
    2
    ISO 27001 describe the mandatory requirements for an Information Security Management System (ISMS).

    Confidently in exchange of business information and access to authorized users.

    The standard provides a valuable framework for resolving security issues.
     
  5. Thiru01

    Thiru01 Bit Poster

    13
    0
    2
    Advantage of ISO 27001 standard

    • ISO 27001 standard map out a framework for effective security information.
    • ISO 27001 commit the organization to compliance with legal, regulatory, and statutory requirements.
    • Enhance the security awareness within an organization.
    • Avoidance of threats and vulnerabilities that affect the organization.
    • Gets capable of recover from attackers and improved ability to survival.
    • Internationally recognized and lead to increase new entry level.
     
  6. Thiru01

    Thiru01 Bit Poster

    13
    0
    2
    In today’s business environment significant events are high which are hacking ,online frauds, duplicating etc.
    The ISO 27001 standard provides an guideline and procedure for securing information in range of papers, digital data, and physical assets. Confidently in exchanging business information and access to authorized users.
     
  7. Thiru01

    Thiru01 Bit Poster

    13
    0
    2
    Characteristics of Information security management system
    ISO 27001 is the standard common in nature applicable to any type of organization which information security of business globally recognized.
    The standard provides an guideline and procedure for securing information in range of papers, digital data, and physical assets. Confidently in exchanging business information and access to authorized users.
     
  8. Thiru01

    Thiru01 Bit Poster

    13
    0
    2
    ISO 27001 for Small Medium Business

    ISO 27001 is for Small medium business, which requires only a minimum of procedures and technology in order to be compliant with this standard. This makes it all the more important that a firm's information security management should be carried out by someone with expertise and experience of both the ISO 27001 standard and the field of information security in general.
     
  9. Thiru01

    Thiru01 Bit Poster

    13
    0
    2
    ISO 27001 standards provide a structure for securing and managing information and relate to legal compliance, through this process which improves the performance of managing security information.

    Benefit:
    • ISO 27001 standard map out a framework for effective security information.
    • ISO 27001 commit the organization to compliance with legal, regulatory, and statutory requirements.
    • Enhance the security awareness within an organization.
    • Avoidance of threats and vulnerabilities that affect the organization.
    • Gets capable of recover from attackers and improved ability to survival.
    • Internationally recognized and lead to increase new entry level.
    • Assurance to stakeholders (investors, consumers and suppliers) in exchanging
     
  10. Thiru01

    Thiru01 Bit Poster

    13
    0
    2
    ISO 27001 standard – What is it?
    ISO 27001 defines how to organize information security system in organization which includes profit or non-profit, private or state-owned, small or large. ISO 27001 certification provides systematic framework to implement effective information management system.
     

Share This Page

Loading...