W
william72123
I get ISO 27000 for my IT company what are the benefits are getting me for my organization?
Do you mean getting registered to ISO 27001?
The ISO/IEC 27001 - Information security management web page might provide some information.
As is the case with any of the standards, benefits of registration are varied and impacted by the condition your system is in now, what you want out of the process and how much you put into it. An organization does not "get" ISO anything, except when purchasing a copy of the standard. ISO standards are frameworks for business operations that are intended to guide users in establishing structure and controls.
The ISO/IEC 27001 - Information security management web page might provide some information.
As is the case with any of the standards, benefits of registration are varied and impacted by the condition your system is in now, what you want out of the process and how much you put into it. An organization does not "get" ISO anything, except when purchasing a copy of the standard. ISO standards are frameworks for business operations that are intended to guide users in establishing structure and controls.
W
william72123
Ok friend. Thank you for providing useful information.
Implementing an Information Security Management System is what you "get" from ISO 27000. So the questions becomes, "Would my IT company benefit from having better controls over information?" Every day we read about hacks occurring. If you do some form of risk analysis, what does it tell you?
Only YOU can decide the answer to this question. If you then seek certification - as Jennifer describes - such certification of your ISMS may help to bring confidence in your customers and allow you to sleep better at night, because there's less risk that your organization was the weak point.
I
infosaas
Not sure I understand the question, but worth a shot:
Values to your organisation, just three for starters ...
1. Increased customer confidence in your ability to securely manage/process/handle/store their valuable data. Protecting your valuable data from competitors, hackers, terrorists, journalists etc.
2. Effective controls against data leaks or breaches, many of which carry company-damaging and reputation-shattering huge fines and negative publicity
3. Helping your organisation win business in competitive situations. I do not waste time on companies who have not implemented an ISMS.
Values to your organisation, just three for starters ...
1. Increased customer confidence in your ability to securely manage/process/handle/store their valuable data. Protecting your valuable data from competitors, hackers, terrorists, journalists etc.
2. Effective controls against data leaks or breaches, many of which carry company-damaging and reputation-shattering huge fines and negative publicity
3. Helping your organisation win business in competitive situations. I do not waste time on companies who have not implemented an ISMS.
A
Andyroberts
Hi! The introduction of modern standards such as ISO 27000, will lead to increased competitiveness of the organization, while at the implementation stage requires additional costs.
