The revised version of the popular information security management system standard ISO/IEC 27001 is now available. The standard helps companies secure their information assets – vital in today's world where the number and sophistication of cyber-attacks is on the rise.
Indeed, according to research published earlier this year in the UK, the number of information security breaches affecting UK businesses continues to increase.
"Small businesses also a target"
It isn't just the large companies that are under threat. The research conducted by PricewaterhouseCoopers (PwC) on behalf of the UK Department for Business, Innovation and Skills highlighted that small businesses were experiencing incident levels previously only seen in larger organizations, with 87 % of small organizations reporting a security breach in the last year.
In addition, the report suggested that we are seeing the effects of our increasing use of new technologies, with more and more organizations sustaining security or data breaches related to social networking sites, smartphones and tablets.
The revised standard (ISO/IEC 27001:2013) must also reflect these changes and as Edward Humphries, Convener of the working group responsible for developing and maintaining the standard, explained: "We have made a number of improvements to the security controls listed in Annex A to ensure that the standard remains current and is able to deal with today’s risks, namely identity theft, risks related to mobile devices and other online vulnerabilities."
"Easier integration with other management systems"
Another major change to the standard is the fact that it now fits the new high-level structure used in all management system standards. This has been put in place to help organizations that are implementing more than one management system standard at a time. It will also be of benefit to auditors who certify organizations that are using more than one such standard.
World Center for Certification & Quality Certification Hong Kong was formed in 1988. As part of an international company with many core business platforms, World Center for Certification & Quality Certification Hong Kong provides several certification services, with one of its specializations on quality & environment. World Center for Certification & Quality Certification has offices in more than 70countries, issues certificates in over 100 countries around the world, has more than 80,000 customers worldwide with an increasing clientele base of 10,000 each year, has around 5,700 auditors over the world, and has obtained approval from more than 40 accreditation bodies. Over 65 multinational companies have signed global cooperation agreements with World Center for Certification & Quality, making it the preferred certification services provider by many reputable international companies.
For Enquiries:
World Center for Certification & Quality Certification (H.K.) Limited
Phone: (852) 2815 2092; Fax: (852) 2543 3287
E-mail: certificates@wccq.org
|
