ISO 27001 – Are your Business Systems Ready?

There is a new standard for Quality Management and it directly affects IT and specifically IT Security.

It is ISO 27001. What is it?

WHAT IS ISO 27001?

ISO 27001 is the formal standard against which organizations may seek independent certification of their Information Security Management Systems, meaning their framework to design, implement, manage, maintain and enforce information security processes and controls systematically and consistently throughout the organizations. The final version of ISO 27001:2005 is available now from ISO or BSI. More information is available at www.iso.org, www.bsiamericas.com and www.xisec.com.

This is a standard for ensuring the quality and integrity of IT Systems. Being certified in ISO 27001 can help with Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act (SOX).

Some sources of information on this emerging standard can be found at:

http://www.27001-online.com/index.htm

http://groups.yahoo.com/group/iso-27001/