ISO 27001

Information security management systems – specification with guidance for use (ISMS) enables an organisation to implement an effective management system for protecting its information assets. Using an information security management system, an organisation can assess risks and implement the proper audit and control mechanisms to maintain the confidentiality, integrity and availability of information. The basic goal is therefore to protect the organisation's information assets, to prevent information from falling into the hands of an unauthorised person and to avoid any loss of data.

Modern business depends on information technologies and systems, which also means that organisations are more vulnerable to security threats. Information is an asset which, like other crucial business assets, has value for the organisation and must be protected in an appropriate manner. Each organisation may choose how to identify and classify assets and how to evaluate threats and vulnerabilities, using risk management methods that maintain the confidentiality, integrity and availability of information.

Certification according to ČSN ISO/IEC 27001 (the international ISMS-oriented standard) is applicable to all organisations in all areas of production or the provision of services. It has become an essential prerequisite in many areas of business. Certificates are required in business relations and increase the credibility of an organisation. Compliance with the requirements of the ČSN ISO/IEC 27001 standard is also the foundation for some other management system certifications or for some sectoral/professional certifications. Information security and the ČSN ISO/IEC 27001 standard do not apply only to information technology.

Like quality management systems, environmental management systems and occupational health and safety systems, an information security management system incorporates management, policy, organisation and regular reviews. Some of the more demanding parts of an ISMS include the analysis of the value of a company’s own IT assets, information-related risk analysis, information risk management, the declaration of information security and other procedures. Within the ISO 27001 product we offer the following services:
  • Training
  • Audit
  • Situational analysis

Contact person

Daniel Berka

Product Manager
