ISO 27001 Information Security Management System
ISO 27001:2005 Information Security Management Systems specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of the whole or part of individual organizations.
The standard is made up of two parts:
1. ISO 17799: Guidance on implementing ISMS.
2. ISO 27001: Standard against which ISMS can be certified.
Benefits
Enhance corporate credibility through the recognition of the ISO 27001 Information Security Management System.
Demonstrate the validity of information and a real commitment to upholding information security.
Improve employee ethics and the notion of confidentiality throughout the workplace.
Allow the company to enforce information security and reduce the possible risk of fraud, information loss and disclosure.