ISO/IEC 27001:2005

ISO/IEC 27001:2005 Information technology - Security techniques - Specification for an Information Security Management System

ISO/IEC 27001 is the formal standard against which organizations may seek independent certification of their Information Security Management Systems (meaning their frameworks to design, implement, manage, maintain and enforce information security processes and controls systematically and consistently throughout the organizations).

The standard covers all types of organizations (e.g. commercial enterprises, government agencies and non-profit organizations).


 
According to the ISO/IEC committee responsible for ISO27k and related standards, ISO/IEC 27001 “is intended to be suitable for several different types of use, including:

    Use within organizations to formulate security requirements and objectives;
    Use within organizations as a way to ensure that security risks are cost-effectively managed;
    Use within organizations to ensure compliance with laws and regulations;
    Use within an organization as a process framework for the implementation and management of controls to ensure that the specific security objectives of an organization are met;

    The definition of new information security management processes;
    Identification and clarification of existing information security management processes.

    Use by the management of organizations to determine the status of information security management activities;
    Use by the internal and external auditors of organizations to demonstrate the information security policies, directives and standards adopted by an organization and determine the degree of compliance with those policies, directives and standards.

    Use by organization to provide relevant information about information security policies, directives, standards and procedures to trading partners and other organizations that they interact with for operational or commercial reasons;
    Implementation of a business enabling information security; and
    Use by organizations to provide relevant information about information security to customers.”

The information security controls from ISO/IEC 27002 are noted in an appendix to ISO/IEC 27001, rather like a menu. Organizations adopting ISO/IEC 27001 are free to choose whichever specific information security controls are applicable to their particular information security situations, drawing on those listed in the menu and potentially supplementing them with other a la carte options. As with ISO/IEC 27002, the key to selecting applicable controls is to undertake a comprehensive assessment of the organization’s information security risks, which is one vital part of the ISMS.
