ISMS according to ISO/IEC 27001:2013
Even in your company or organization there is information, that has to be protected against misuse, loss, exposure, destruction and manipulation. Apart from personal data also business and company secrets have to be taken into account. The confidentiality, availability and integrity of these information are of important significance, also in the interest of clients, business partners and employees. Therefore more and more companies and organizations count the protection of information as an integral part of business politics and an indispensable factor of success.
The international standard ISO/IEC 27001:2013
A proven opportunity to initiate, process, monitor, check and last but not least improve actions for information security, is the establishment of an Information Security Management System (ISMS) on the basis of the international standard ISO/IEC 27001:2005. This management system can be run beside existing management systems, for example systems according to ISO 14001 or ISO/IEC 20000, and make information security measurable and comparable at a later stage.