ISO 27001 Compliance

ISO 27001 Certification

Why are my business partners asking me about ISO 27001 certification?

Many organizations are adopting ISO 27001 as the standard for governing their information security program. ISO 27001 is the only internationally accepted standard for information security governance and is increasingly widely adopted. Organizations using ISO 27001 must evaluate the risks associated with their business partners and suppliers and, therefore, may be asking you about ISO 27001 as well.

What is ISO 27001?

ISO 27001 is a specification for a framework of policies and procedures and associated legal, physical, and technical controls supporting an organization’s information risk management processes. Collectively, this is called an information security management system (ISMS). In plain English, ISO 27001 tells you how to create and run an effective information security program.