The year is 2025. Over 465 exabytes of new data is generated each day. The global cybersecurity market is worth $241 billion. Your managed services provider is still using a process document dated March 2019, and you’re starting to regret not having gone with that ISO 27001 certified provider.
Hell, at this point you’re starting to think even an in-house ISMS (Information Security Management System) implementation would have been a better option.
But I’m getting ahead of myself; let’s return to the present. Is ISO 27001 all it’s cracked up to be? Whatever your stance on ISO, it’s undeniable that many companies see ISO 27001 as a badge of prestige, and using ISO 27001 to implement (and potentially certify) your ISMS may well be a good business decision for you.
In this article, we’ll take a look at the foremost standard for information security management, ISO 27001:2013, and investigate some best practices for implementing and auditing your own ISMS.
Here is a summary of what we’ll cover in this Process Street article:
- ISO 27001: The basics & why standards are important
- Who needs ISO 27001?
- How to implement ISO 27001
- Free ISO 27001 checklist
- How to get ISO 27001 certified
- Integrating your ISMS with other ISO standards