ISO/IEC 27001, ‘Information security, cybersecurity and privacy protection - Information security management systems - Requirements’, the widely used information security management standard, has been updated and is now available.
The standard specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system.
ISO continually reviews and updates its standards. This is particularly important given the rapid advances in cyber threats and the growing acceptance that effective cyber security requires a wider cyber resilience approach.
According to ISO:
“Organizations that adopt cyber resilience through confident vulnerability quickly emerge as leaders in their industry and set the standard for their ecosystem. The holistic approach of ISO/IEC 27001 means that the entire organization is covered, not just IT. People, technology and processes all benefit.
“When you use ISO/IEC 27001, you demonstrate to stakeholders and customers that you are committed to managing information securely and safely. It’s a great way to promote your organization, celebrate your achievements and prove that you can be trusted.”