The European Network and Information Security Agency (ENISA) regards the ISO/IEC 27001 and ISO/IEC 27002 standards as a necessity for those implementing and improving an Information Security Management System (ISMS).
“It’s recommended to take notice of the standard and use it as much as feasible. It gives an organisation all best practices and guidance to organize information security in all aspects, therefore giving the constituents, when implemented, the assurance that all information is handled secure.”
The ISO27001 standard should be read before starting your journey towards certification:
ISO/IEC 27001 is the only internationally recognized information security management standard for an ISMS and is recognised worldwide. The standard adopts and explains a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization’s ISMS.
Download this standard today >>
More to explore: