Companies are responsible for many information assets including their own financial and technical data, and information like credit cards belonging to their customers. The penalties for losing, corrupting or wrongfully sharing information can be huge.
Information Security Management is about the protection of information assets from potential security breaches. It relates to all types of information, including paper-based and electronic formats and determines how information is processed, stored, transferred, archived and destroyed. As a result, additional pieces of regulation and more statutory requirements are emerging; forcing companies to comply and seriously consider their IT and data risk management.
Certification of your management system helps to demonstrate that your system has been independently assessed by experts, and publicly shows your commitment to IT Security and ICT Governance.
International Standards & Frameworks
Standards such as ISO/IEC 27001 along with other frameworks and management system standards like COBIT, ISO 9001, ITIL and ISO/IEC 20000, can assist organizations in the development of appropriate governance. This may also enable their compliance with statutes and regulatory requirements, without “recreating” the wheel or duplicating existing and effective controls.
Gap Audits and Audit & Certification:
SAI Global can perform a Gap Audit or full Audit & Certification against these programs:
