Managing security and compliance through an Information Security and Management System

Using a holistic approach to managing ISO/IEC 27001, data protection, privacy and PCI DSS

By using a single system for the ongoing management of compliance, regulatory and legal information security obligations, overlapping requirements can be identified, efficiencies leveraged and greater visibility and assurance can be provided to the organization. To achieve this single point of management we advise adopting the internationally recognised ISO/IEC 27001 – Information Security Management System (ISMS) model.

This paper provides insight into how an Information Security Management System (ISMS) can be used to drive a holistic management approach for security standards and compliance obligations such as ISO/IEC 27001, PCI DSS and privacy.