Font Size

ISO27001 Information Security

 By

Chris Eden - Quality Matters Limited

Computer/Internet/Software Articles
Submit Articles   Back to Articles

Data security, or lack of it is in the news almost daily and the news is pretty alarming. Report after report reveals, the often casual way, the shortfalls in care of our data.

Every cloud has a silver lining however; we have seen a huge increase in enquiries for consultancy in setting up ISO27001 systems. It seems that industry and commerce are taking data security very seriously, unlike the Revenue.

ISO27001 sets up a number of steps that protect data and other information from unauthorised access and release. It also ensures compliance with the Data Protection Act and ensures that companies are protected from litigation concerning data.

Surely it cannot be long before the Information Commissioner takes action or failing that litigation against those who loose or act in a cavalier manner with data under their care.

Every organisation employing ISO27001 can claim that they have used best practice and have taken all reasonable steps to ensure that the elements of Data Security have been employed. This is a valid defence in a Court of Law (if it should go that far).

C. I. A. are the main requirements:

Confidentiality

  • To ensure that data is not compromised or released

Integrity

  • To ensure that data is protected from unauthorised alteration

Availability

  • To ensure that data is available when and where required

If we all carry this out then there is hope for us yet.

At the moment, I for one, am unwilling to trust my valuable data to any organisation not complying fully with ISO27001.


About the Author

Chris Eden FIBC, MISSA, ACQI is a director of Quality Matters Limited an established independent management consultancy specializing in ISO27001 Information Security Management accreditation.



Follow us @Scopulus_News

Article Published/Sorted/Amended on Scopulus 2008-03-18 12:52:30 in Computer Articles

All Articles