In for the certification? – The case of ISO 27001

A leading global provider of Business Support Systems (BSS) for Communications Service Providers (CSPs), Subex Ltd, announced on Tuesday that it had received the International Standard Organisation (ISO) Information Security Management System (ISMS) certification, ISO 27001, to support its work for BT. Globally, ISO 27001 certification is increasingly being demanded by leading CSPs from their software and services suppliers.

ISO 27001 (ISO/IEC 27001:2005) is the best practice specification that helps businesses and organisations throughout the world to develop a best-in-class Information Security Management System (ISMS). The Standard was published jointly by the International Security Office and the International Electrotechnical Commission (IEC).

Today, information and information systems are vital to all organisations. ISO 27001 sets out specific requirements, all of which must be followed, and against which an organisation’s ISMS can be audited and certified. Currently, in India, complying with a new data privacy law is a must for all organisations that collect sensitive information. Organisations that become certified against the international standard for information security, ISO 27001, are deemed to be in full compliance with this law.

ISO 27001 is the first in a family of international information security standards that:

  • Will underpin and protect IT worldwide over the next decade
  • Is designed to harmonise with ISO 9001:2008, ISO 14001:2004, ISO 20000 and others for effective management system integration
  • Implements the Plan-Do-Check-Act (PDCA) model, and
  • Reflects the principles of the 2002 OECD guidance on the security of information systems and networks.

For those new to ISO 27001 or those implementing ISMS in line with this certification, we recommend the following books that will develop your understanding of the Standard and how it can benefit your business:

Plus, if you are new to ISO 27001, one of the best places to start is our free Information Security and ISO 27001 introductory briefing paper. Written in non-technical language, this paper will help you get to grips with the key concepts of this Standard.
