ISO27001 Compliance Database and Update Service

Print this page

ISO27001 Compliance Database and Update Service (1 or 3 Year Licence)

ISO27001 requires you to develop your ISMS, taking ‘into account business and legal or regulatory requirements, and contractual security obligations’ (Clause 4.2.1 b. 2).

 

Do you know which of the 71 (as of November 2011) relevant UK laws and regulations apply to your business? Have you identified appropriate security controls to ensure that you are in compliance?

 

The only cost-effective way to meet these needs is with the ITG ISO27001 Compliance Database and Update Service – which also helps you comply with five key Annex A controls.

Comply with Five Key ISO27001 Annex A Controls

The five controls in ISO/IEC 27001 Annex A which impose specific requirements in terms of, first, identifying and, second, staying up-to-date with statutory and regulatory requirements (hover over control for control objective from ISO/IEC27001:2005).

 

A.15.1.1  Identification of applicable legislation

 

A.15.1.2  Intellectual Property Rights (IPR)

 

A.15.1.3  Protection of Organizational Records

 

A.15.1.4  Data protection and privacy of personal information

 

A.15.1.6  Regulation of Cryptographic Controls

Database of All Critical Statutory & Regulatory Documents

Find all the critical statutory and regulatory documents in one place - saving you the time, hassle and expense of trying to track them down and make sense of them all yourself. The easy-to-use ITG ISO27001 Compliance Database includes:

• all the 71 statutes and regulations (including information security and IT-related, IPR and copyright, Software protection, Data Protection, Privacy and Cryptographic controls) relevant to each of the Annex A controls above, together with links to directly relevant international regulations and frameworks (eg US Safe Harbor Provisions for Data Protection), together with:
  • Selection option to allow you to create your own bespoke legal register;
  • Links to full text versions of relevant clause of statutes and regulations;
  • Links to best-practice and official compliance guidance wherever it exists;
  • Option to comment on individual items to demonstrate compliance and create an audit trail;
  • Identification of which controls in ISO27001 Annex A can be used to demonstrate compliance with each clause (or option to include alternative controls)
• Schedule of data retention requirements, by document type

Regular ISO27001 Compliance Database Updates

You also get regular (depending on subscription period) updates for the database, enabling you to stay abreast of the changing regulatory environment. These updates (and if there are no changes, then there will be no updates) include: information about:

• Changes to, or new, statutes and regulations, ensuring that your database is always up to date, together with implementation guidance and links to relevant ISO27001 Annex A controls;
•  Changes in regulations, or enforcement regimes, that are relevant to the identified statutes and regulations.

Analysis of Regulation Database in November 2011

Total Instruments in Database after 3 updates: 71

Relevant Compliance Information

The ISO27001 Compliance Database and Update Service identifies the specific clauses, within each legal instrument, that you must comply with, provides best practice guidance on how to comply with that clause, and enables you to select appropriate controls - again, at the individual clause level. This is THE compliance service for the ISMS project manager and, where it is appropriate to take your own professional advice, this service will enable you to manage professional legal costs very effectively! 

Easy-to-Deploy

The ISO27001 Compliance Database is in Microsoft Access 2007 format (and is compatible with Access 2010), which can be deployed directly onto a desktop or onto SharePoint Server. The licence for ISO27001 Compliance Database covers one or multiple users within a single ISMS on a single installation. The current version of this product is primarily suitable for oganisations that are based in, or have to comply with the laws of, England and Wales.

 

Publisher: IT Governance Publishing

Format: MS Access 2007 SP2, MS Access 2010 (requires prior installation of MS Access)

Launch Date: 9 December 2010

Availability: Available for purchase

 

Demonstrate Information Security Compliance - Order this database service today!

 

To write review for this product Click here