- October 31, 2019
- Posted by: Sandeep Mehta
There is a new European version of ISO/IEC 27001:2017, which includes approval by CEN/CENELEC. It incorporates the two corrected items from 2016 in Clause 6.1.3 and Annex A control 8.1. The 2013 version is now withdrawn by the UK.
UNI CEI ISO/IEC 27001:2017 is an international standard that sets out the requirements for establishing and implementing an Information Security Management System and covers issues relating to logical, physical and organizational security. The key objective is to set up a system for the management of risks and the protection of information and ICT assets.
Compliance with the ISO/IEC 27001:2017 standard indicates that a company implements an effective Information Security Management System (ISMS). An ISMS is the comprehensive set of internal processes used to manage sensitive information in order to ensure the confidentiality, integrity and availability of data. In other words, a company compliant with ISO/IEC 27001:2017 is a company that has worked intensively to implement all metrics required by the international standards and that subsequently manages data and builds products every day according to the latest and strictest security standards.