2/12/2023

What ISO mean

What exactly is an ISMS?

Basically, a company's ISMS refers to its procedures and policies for protecting crucial information or data. With these extended control sets, management has the option of accepting, avoiding or transferring risks instead of mitigating them through controls. It also lists a number of controls in Annex A, which serves more like a menu with a flexible approach to security, allowing one to choose their own style.

Thanks to its flexibility, ISO/IEC 27001 is one of the most utilized information security standards today. Since it is so flexible, a wide range of markets, including education, defense, healthcare, and banking, can leverage it as well. By virtue of this unique approach, various industries and organizations are able to apply ISO 27001.

For example, various non-profit, commercial, and government organizations can opt to comply with ISO. ISO/IEC 27001:2013 standardizes an Information Security Management System (ISMS) and, unlike many other standards like the PCI DSS, its controls are based on risks instead of prescriptive measures.

What are the ISO standards applicable to information security?