ISO/IEC 27001 Information Security Management

ISO/IEC 27001 Information Security Management

Keep your confidential information safe

Keep your confidential information safe
Red Overlay
information security
information security
Red Overlay

Expert Talks: Safaricom Information Security Journey

Watch the recording
meeting microphone image

ISO 27001 has changed

ISO/IEC 27001 has been updated to reflect the evolution of business practices such as remote working and has simplified how organizations map the controls for different stakeholders. These updates were published in October 2022.

To find out more and to be kept up to date please click here

What is ISO/IEC 27001 Information Security Management?

Internationally recognized, ISO/IEC 27001 helps organizations manage and protect their information assets so that they remain safe and secure, using this excellent framework. It helps you to continually review and refine the way you do this, not only for today, but also for the future.

You simply can’t be too careful when it comes to information security. Protecting personal records and commercially sensitive information is critical. ISO/IEC 27001 helps you implement a robust approach to managing information security (infosec) and building resilience.

ISO/IEC 27001 Benefits

ISO/IEC 27001 can help deliver the following benefits:

  • Protects your business, its reputation, and adds value
  • Protects your personal records and senstitive information
  • Reduces risk
  • Inspires trust in your organization

 

Leading benefits of ISO/IEC 27001 experienced by BSI customers:

75% reduces business risk
80% inspires trust
75% reduces business risk

 

Discover more ISO/IEC 27001 features and benefits (PDF) >

The necessity of integrating Information Security and Business Continuity Management Systems

The importance of business continuity and information security management is well understood by organizations worldwide, however, on the journey of establishing, implementing, maintaining, and continually improving information security and business continuity.

In this interview, integrating two emerging management systems is discussed from the international standards and technical point of view by Kursad Yuce, Head of Digital Trust Assurance MEA, BSI. He emphasizes the vital questions about Information Security and Business Continuity Management Systems, the necessity of integrating them and which components of these management systems would enable this critical integration from a technical perspective.

What are the benefits of ISO/IEC 27001 Information Security Management?

  • Identify risks and put controls in place to manage or eliminate them
  • Flexibility to adapt controls to all or selected areas of your business
  • Gain stakeholder and customer trust that their data is protected 
  • Demonstrate compliance and gain status as preferred supplier
  • Meet more tender expectations by demonstrating compliance 
Find out more about the features & benefits of ISO/IEC 27001 certification. >

ISO/IEC 27001 case study

Safaricom has transformed from a telecommunication service provider into a technology company. It has grown to be more than just a mobile service provider, morphing into a digital lifestyle enabler leveraging on technology, and driven by its purpose: To transform lives.

Read the case study to learn more about Safaricom's challenges and how the implementation of ISO/IEC 27001 supported them in achieving the goals.

Download the case study >

How BSI can support you?

Certification: Certification to a management system demonstrates to your internal and external stakeholders that you are committed to being the best you can be.

Verification audits: By partnering with BSI to verify your compliance with international best practices, we will highlight current strengths and weaknesses in your systems with our value-adding reports.

Internal audits: Let us review your organizational governance against industry-specific requirements, protocols, and standards.

Training: Our expert tutors deliver a wide range of training courses either online, in-house, or part of an open course to help you understand, implement, and audit against the requirements to the standard.

Browse courses

Where are you on your information security management journey?

Whether you’re new to ISO/IEC 27001 or looking to take your expertise further, we have the right training courses and resources on how to reach unquestioned data security. We offer packages that can be customized to your business to get you started with information security management as well as information security policy. An ISO/IEC 27001 package can be designed to remove the complexity of getting you where you want to be – whatever your starting point.

How international standards can help you build a robust Information Security Resilience

Listen to our expert providing tips and tricks to enable a strong Information Security management system and why it’s important

 

Request a quote

Do you want to know how much certification or training will cost your business? Get a quick no-obligation quote now.

Request a quote >