ISO 27001, formerly known as BS 7799, is the international standard that describes best practice for an information security management system (ISMS). Over 27,000 organisations worldwide implemented the standard in 2015 (ISO Survey), a rise of 20% from the previous year.
Certification to ISO 27001 can bring organisations a host of benefits, including:
- Safeguarding your valuable data and intellectual property
- Winning new business and retaining your existing customer base
- Avoiding the financial penalties and losses associated with data breaches
- Complying with business, legal, contractual and regulatory requirements
- Improving your processes
- And much more.
ISO 27001 is not the complicated standard it is made out to be
Brian said that it “really struck him how complicated people seemed to think ISO 27001 was”.
Brian said that many people thought ISO 27001 would “require thousands of mandates, lots of money to invest in IT equipment and systems, and would take forever to get implemented”.
However, he highlighted that the Standard is not as complicated as you might think and that you may not have to buy new systems or security systems to comply with it.
ISO 27001 can be implemented on your current Windows® system
A lot of the technical controls in ISO 27001 can be addressed with the inbuilt functionality and tools in Microsoft® Windows.
ISO27001 in a Windows® Environment gives essential guidance for everyone involved in a Windows-based ISO 27001 project.
- Details the various controls required under ISO 27001:2013, together with the relevant Microsoft products that can be used to implement them.
- Explains how to make the most of Windows security features.
- Is ideal for bridging the knowledge gap between ISO 27001 and Windows security.