Key features of ISO 27001
ISO 27001 is an international standard that provides a systematic approach for
managing and protecting sensitive information within an organization. It sets out
the criteria for establishing, implementing, maintaining, and continually improving
an Information Security Management System (ISMS).
Here are some key features of ISO 27001:
1. Risk-Based Approach: ISO 27001 is built on a risk management framework.
Organizations must identify and assess information security risks,
implement controls to mitigate those risks, and regularly review and update
their risk assessments.
2. Information Security Policy: Organizations are required to develop and
maintain an information security policy that outlines their commitment to
information security and sets the foundation for the ISMS.
3. Scope Definition: ISO 27001 allows organizations to define the scope of
their ISMS, ensuring that it covers all relevant assets, processes, and
locations where sensitive information is processed.
4. Leadership Involvement: Top management is expected to demonstrate
leadership and commitment to information security by actively
participating in the ISMS and providing necessary resources.
5. Objectives and Planning: Organizations set information security objectives
and develop plans to achieve them. These objectives should be aligned with
the organization's overall business goals.
6. Risk Assessment and Treatment: A key component of ISO 27001 is the
identification of information security risks and the application of controls to
reduce or manage those risks to an acceptable level.
7. Controls Selection: ISO 27001 provides a comprehensive list of information
security controls in Annex A. Organizations can select and implement
controls that are relevant to their specific risks and needs.
8. Documentation and Records: Organizations are required to maintain
documented information related to their ISMS, including policies,
procedures, and records of information security activities.
9. Training and Awareness: Employees should be trained and made aware of
their information security responsibilities, including the importance of
safeguarding sensitive information.
10. Monitoring and Measurement: ISO 27001 emphasizes the need for ongoing
monitoring and measurement of the ISMS to ensure it remains effective
and that corrective actions are taken when necessary.
11. Internal Auditing: Regular internal audits are conducted to assess the
conformity and effectiveness of the ISMS. Auditors should be independent
and competent.
12. Management Review: Top management conducts periodic reviews of the
ISMS to ensure its continued suitability, adequacy, and effectiveness.
13. Continual Improvement: ISO 27001 promotes a culture of continual
improvement, where organizations strive to enhance their information
security processes and performance over time.
14. Certification and Compliance: Organizations can seek ISO 27001
certification through third-party audits to demonstrate their adherence to
the standard's requirements.
15. Legal and Regulatory Compliance: ISO 27001 helps organizations ensure
compliance with relevant laws, regulations, and contractual obligations
related to information security.
By implementing ISO 27001, organizations can enhance their information security
posture, reduce the risk of data breaches, and build trust with customers and
stakeholders regarding the protection of sensitive information.
