London, United Kingdom, November 19, 2009 --(PR.com
)-- Fairland's investment in the best consultants in the country stems from client requirements to not only provide IT Infrastructure consulting around VMWare, Citrix and Microsoft – including licensing but to get through to the process end for clients to help organisations achieve and operate in a controlled, structured and secure manner. Contact ISO@fairland.co.uk today to discuss further.
Adapted from the British Standards Institute (BSI) BS 7799, which was originally written by the Department of Trade and Industry (DTI), ISO 27001:2005 contains 134 controls organised into 12 main sections and specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System (ISMS).
As information, electronic or hard copy, is becoming more prolific within organisations, the risk and impact on the business through the loss or corruption of information also increases. Gaining compliance to ISO 27001:2005 affirms that client organisation has established and can demonstrate that confidentiality, integrity and availability of information is adequately addressed, providing:
A common organisational security objective and standard
Identification and clarification of existing information security management processes
Effective management of security incidents and risks
Confidence to existing and prospective customer base
A competitive advantage and market differentiator over competitors
Moreover, information security is now an important factor in the selection of service providers for most organisations, particularly those within the finance, health, public and IT sectors and will soon become a contractual or service level agreement requirement.
ISO 27001:2005 is aligned with both the ISO 9001 (quality management systems) and ISO 14001 (environmental management systems) standards. The three standards share system elements and principles, including adopting the PLAN, DO, CHECK, ACT cyclic process.
Fairland assist clients to initiate, create, maintain and provide training and awareness for staff in ISO 27001:2005, fully supporting the organisation throughout the implementation process.
Fairland also consult and assist in the creation of policies & procedures, working with all relevant internal departments, to provide a solution that suits the organisation and enables staff to operate with a full understanding of its requirements, the type of information to secure and how they should report incidents.
As part of this process, Fairland perform a comprehensive review of the existing security processes and procedures, including levels of information security risk, and compare them to those required in the ISO 27001:2005. The results of which will form the basis for a gap analysis / risk assessment, which can be developed into a comprehensive programme for cyclic improvement.
The final process is to demonstrate to an independent auditor that client internal controls meet corporate governance and business continuity requirements. Fairland’s consultants can direct the organisation through and be involved with the process of gaining certification, which can prove to be invaluable.