ISO 27001:2005 Information Security Management System

In the context of this standard, the term information includes all forms of information - data, documents, communications, conversations, messages, recordings, and photographs. It includes everything from digital data and email to faxes and telephone conversations.

The key benefits are:

• 1. DEFINE ISMS POLICY including the approach to risk assessment, identifying, analyzing and evaluating security risks and controls.
• 2.IMPLEMENT AND OPERATE THE ISMS by developing a risk treatment plan to manage the organization's information security risks, implement security controls, educational programs and security procedures.
• 3. MONITOR AND REVIEW THE ISMS by using procedures and controls, performing regular internal audits, updating information security plans.
• 4. MAINTAIN AND IMPROVE THE ISMS by taking preventive & corrective actions.