A leading global provider of Business Support Systems (BSS) for Communications Service Providers (CSPs), Subex Ltd, announced on Tuesday that it had received the International Standard Organisation (ISO) Information Security Management System (ISMS) certification, ISO 27001, to support its work for BT. Globally, ISO 27001 certification is increasingly being demanded by leading CSPs from their software and services suppliers.
ISO 27001 (ISO/IEC 27001:2005) is the best practice specification that helps businesses and organisations throughout the world to develop a best-in-class Information Security Management System (ISMS). The Standard was published jointly by the International Security Office and the International Electrotechnical Commission (IEC).
Today, information and information systems are vital to all organisations. ISO 27001 sets out specific requirements, all of which must be followed, and against which an organisation’s ISMS can be audited and certified. Currently, in India, complying with a new data privacy law is a must for all organisations that collect sensitive information. Organisations that become certified against the international standard for information security, ISO 27001, are deemed to be in full compliance with this law.
ISO 27001 is the first in a family of international information security standards that:
- Will underpin and protect IT worldwide over the next decade
- Is designed to harmonise with ISO 9001:2008, ISO 14001:2004, ISO 20000 and others for effective management system integration
- Implements the Plan-Do-Check-Act (PDCA) model, and
- Reflects the principles of the 2002 OECD guidance on the security of information systems and networks.
For those new to ISO 27001 or those implementing an ISMS in line with this certification, we recommend the following books that will develop your understanding of the Standard and how it can benefit your business:
- Introducing ISO 27001 (Introduction to ISO/IEC 27001) – this special kit contains all the essential guides that will help you make your first move toward best practice information security
- Nine Steps to Success: an ISO 27001 Implementation Overview – an ideal guide for anyone tackling (or about to tackle) ISO 27001 for the first time
- The Case for ISO 27001 – this book provides all the information that you will need to assess the value to your organisation of implementing an ISO 27001 ISMS and to create the business case for doing so.
- ISO 27001 Pocket Guides Complete Set – this complete set of the Practical Information Security series of Pocket Guides provides an overview of information security best practice and guidance that is fully aligned with the ISO 27000 range of standards.
Plus, if you are new to ISO 27001, one of the best places to start is our free Information Security and ISO 27001 introductory briefing paper. Written in non-technical language, this paper will help you get to grips with the key concepts of this Standard.