ISO 27001 Product Sheet

  • 8/16/2019 ISO 27001 Product Sheet

    ISO/IEC 27001:2005 Information Security Management

    INFORMATION SECURITY MANAGEMENT

    BSI provides assessment, certification and training services for ISO/IEC 27001

    Overview

    Information is critical to the operation and, in extreme cases, to the survival of your organization. Using an Information Security Management System (ISMS) and certifying it against the best practice standard, ISO/IEC 27001, will help you to manage and protect your information assets.

    ISO/IEC 27001 is based on, and replaces, the internationally recognized British Standard, BS 7799, and it aligns with other international standards, including the OECD guidelines for implementing information security and the Code of Practice standard, ISO/IEC 17799.

    ISO/IEC 27001 defines the requirements for an ISMS. The standard is designed to ensure that you select adequate and proportionate security controls which help you to protect information assets and to give confidence to interested parties including your customers.

    ISO/IEC 27001 is not an IT-only standard; information is an organizational asset. The standard has no technology requirements, although there are IT-related controls, as the majority of information is held on your IT systems.

    Who is it for?

    ISO/IEC 27001 is suitable for any organization, large or small, in any sector or part of the world. The standard is particularly suitable where the protection of information is important to your organization.

    ISO/IEC 27001 is also highly effective if you manage information on behalf of others. For example, if you are an IT outsourcing organization, the standard can be used to assure your customers that their information is being properly controlled and protected.

    raising standards worldwide™

    BENEFITS

    A common framework

    Provides a common framework enabling you to develop, implement, and effectively measure information security management practices.

    A risk-based approach

    Provides a risk-based approach to help plan and implement an ISMS resulting in an appropriate and affordable level of organizational security.

    Structured and proactive

    Provides a structured and proactive approach to establishing an ISMS.

    Asset protection

    Ensures the right people, processes, procedures and technologies are in place to protect information assets.

    Independent assurance of controls

    Demonstrates independent assurance of your internal controls, therefore meeting corporate governance and business continuity requirements.

    Information protection

    Protects information in terms of confidentiality, integrity and availability.

    Independent demonstration

    Independently demonstrates that applicable laws and regulations are observed.

    A competitive edge

    Provides a competitive edge by meeting contractual requirements and demonstrating to your customers that the security of their information is paramount.

    Independent verification

    Independently verifies that your risks are properly identified, assessed and managed, while formalizing information security processes, procedures and documentation.

    Facilitates continuous improvement

    The regular assessment process helps you continually monitor and improve your ISMS.

    Assessment and Certification

    BSI is independently accredited to certify your organization to ISO/IEC 27001. Our auditing capabilities are globally recognized for providing a value-added service. Our auditors are highly qualified, full-time professionals with information security expertise.

    A BSI assessment provides independent verification of your ISMS while enabling you to benchmark your system against a proven standard.

    Training

    We provide comprehensive ISO/IEC 27001 training from a one-day introductory course to implementation and lead auditor courses. We offer onsite training, e-learning, and public training at a range of locations. For the latest information visit:

    www.bsiamericas.com/infosectraining

    Standards and Publications

    We offer a wide range of guidance documents and support publications, as well as the standard itself, to help you through certification and beyond. These items can be found online at:

    www.bsiamericas.com/infosecurity

    ISO/IEC 27001 is the only internationally accepted auditable standard for information security management.

    For further information on BSI’s ISO/IEC 27001 services, visit www.bsiamericas.com/infosecurity

    BSI Management Systems
    12110 Sunset Hills Road, Suite 200
    Reston, VA 20190-5902
    USA
    Tel: 1 800 862 4977
    Fax: 1 703 437 9001
    Email: [email protected]

    BSI Management Systems Canada
    6205 Airport Road, Suite 102
    Mississauga, ON L4V 1E1
    Canada
    Tel: 1 800 862 6752
    Fax: 416 620 9911
    Email: [email protected]

    The BSI certification mark can be used on your stationery, literature and vehicles when you have successfully achieved certification.

    BSI Group: Standards • Information • Training • Inspection • Testing • Assessment • Certification

    BSI SERVICES SUMMARY

    • Information and guidance

    • Standards and publications

    • Customer events

    • Training – public, onsite and e-learning

    • Management systems – gap analysis, second party audits, assessment, certification, continual assessment

    • Business improvement tools

    How can we help?