ISO 27002 (ISO 17799:2005) & ISO/IEC 27001

1. This standard is closely aligned to other business and technical standards/guidance such as ISO 9001, COBIT/ITIL and is respected as the key security kite mark.

2. The Standard is highly regarded in government contracts (service requirement) and across the private sector as an impartial/independent proof of quality.

3. Organisations themselves see the benefits of information resilience in their service delivery and growth potential - with security incidents being monitored.

4. The standard brings wider business benefits because with the drive towards more flexible working the need for adequate security checks and balances is vital.

5. ISO/IEC 27001 is respected as the 'de facto' standard and will soon become a contractual or service level agreement requirement.

6. Organisations also have the opportunity to prove their own business resilience - some sectors like the NHS has made ISO27001 mandatory as part of its Information Governance initiative; similarly in the financial sector APACS have outlined guidance based on this standard.

Business Consultancy
> What
ISO 27001 is an International Information Security Standard, ISO 27002 (ISO 17799:2005) gives comprehensive guidance on best practice methods for implementing ISO 27001.
> more

> Who
All organisations, in public or private sectors are increasingly required to prove that they take information security seriously.
> more

> Why
ISO/IEC 27001 is respected as the 'de facto' standard and will soon become a contractual or service level agreement requirement.
> more

"I have always been impressed with the level of service Sapphire has provided for The essentiagroup and the high standards they adhere to. I would be delighted to recommend Sapphire's services to any organisation..."
Martin Leven, Director of Technology, Essentia Group
> more