ISO 27002 (ISO 17799:2005) & ISO/IEC 27001

• Business managers & boards demand better returns from IT investments. This is due to increasing level of IT expenditure and the need to optimise costs.
• The need to meet regulatory requirements for effective information controls (e.g. Sarbanes-Oxley and similar EU Directives).
• Information security is now an important factor in the selection of service providers & the management of service outsourcing & acquisition.
• The increasingly complex ‘information risks’ register: remote working, mobile communications, etc. All the practices, place an increasing emphasis on risk assessment & management.
• Governance initiatives that call for control frameworks to help monitor and improve critical IT activities to increase business value and reduce business risk.
• For organisations needing to assess how they are performing against standards and their peers (benchmarking) ISO 27002 (ISO 17799:2005)/ISO 27001 is the ideal platform.

Business Consultancy
> What
ISO 27001 is an International Information Security Standard, ISO 27002 (ISO 17799:2005) gives comprehensive guidance on best practice methods for implementing ISO 27001.
> more

> Who
All organisations, in public or private sectors are increasingly required to prove that they take information security seriously.
> more

> Why
ISO/IEC 27001 is respected as the 'de facto' standard and will soon become a contractual or service level agreement requirement.
> more

"I have always been impressed with the level of service Sapphire has provided for The essentiagroup and the high standards they adhere to. I would be delighted to recommend Sapphire's services to any organisation..."
Martin Leven, Director of Technology, Essentia Group
> more