ISO/IEC 27001 - Information Security Management (ISMS)

ISO/IEC 27001 - Information Security Management (ISMS)

Keep your confidential information safe

Keep your confidential information safe
Red Overlay
Shredded paper
Shredded paper
Red Overlay
meeting microphone image

ISO 27001 has changed

ISO/IEC 27001 has been updated to reflect the evolution of business practices such as remote working and has simplified how organizations map the controls for different stakeholders. These updates were published in October 2022.

To find out more and to be kept up to date please click here

See how ISO/IEC 27001 can benefit small and medium-sized businesses

Find out more >

What is ISO/IEC 27001 Information Security Management?

Internationally recognized, ISO/IEC 27001 helps organizations manage and protect their information assets so that they remain safe and secure, using this excellent framework. It helps you to continually review and refine the way you do this, not only for today, but also for the future.

You simply can’t be too careful when it comes to information security. Protecting personal records and commercially sensitive information is critical. ISO/IEC 27001 helps you implement a robust approach to managing information security (infosec) and building resilience.

ISO/IEC 27001 Benefits

ISO/IEC 27001 can help deliver the following benefits:

  • Protects your business, its reputation, and adds value
  • Protects your personal records and sensitive information
  • Reduces risk
  • Inspires trust in your organization

 

Leading benefits of ISO/IEC 27001 experienced by BSI customers:

75% reduces business risk
80% inspires trust
75% reduces business risk

 

Discover more ISO/IEC 27001 features and benefits (PDF) >

ISO/IEC 27001 is being revised

ISO/IEC 27001, the information security management standard was developed as the definitive global best practice for protecting vital intellectual property and information assets. Its role has grown as the backbone upon which many standards have leaned. This enables global best practices to be recognized across a wide range of digital services and processes in many industry sectors. This results in the ISO 27000 family of standards being a key enabler for trust in our increasingly digital world.

To maintain its position as the definitive global best practice, ISO/IEC 27001 is being updated to reflect the increased digitization of organizations, the associated risks, and the improvements to the categorization and management of security controls. The revised version is expected to be published in October 2022.

Prepare your organization for a smooth and effective transition and get the benefits of an updated ISMS ahead of time. ISO/IEC 27001 and its Annex A will help you strengthen your information security practices and deal effectively with today’s digital landscape.

Download our Transition Journey Guide infographic and start today

Changes to ISO 27002

ISO/IEC 27002:2022, formerly known as a “code of practice”, was published in February 2022 as a revamped version of a set of information security controls to reflect its intent. ISO/IEC 27001:2022 will reflect these changes in ISO/IEC 27002 through its Annex A.

By adopting these changes, you will be bringing your organization up to date with the latest global standard for Information Security, better protecting your organization and everyone you interact with, and building trust.

Learn more about the changes in ISO/IEC 27002:2022

How BSI helps

Understanding and/or applying the requirements of any standard to your business isn’t always a straightforward process. BSI has helped train and certify countless organizations around the world to embed an effective ISO/IEC 27001 ISMS. And you can benefit from our experience too with our ISO/IEC 27001 training courses and certification.