Thursday, May 24, 2012

Will An Information Security Policy Improve Other Areas Of Your ...

This article looks at the international information security standard ISO 27001, and discusses whether implementing this will have a positive impact in other areas of business.


cc licensed ( BY NC ) flickr photo shared by shinyai

What Is ISO 27001?

ISO 27001 is an international standard, the awarding of which recognises that an organisation has a strong information security policy in place, and that at the time of auditing all guidelines contained within said policy were being adhered to by the business and its employees. Clearly, the main purpose of looking to achieve ISO 27001 is to prove your business? information security credentials, however are there widespread benefits for businesses in addition to the primary gains?

We took a look at other aspects of business to see whether information security would have an influence.

Business Structure

ISO 27001 requires there to be a strong business framework in place for maintaining the information security standard. If a business is able to replicate this to an extent throughout their business, they could find themselves running a much more streamlined and efficient operation than ever before. ISO 27001 calls for everyone within the business to know their role and objectives clearly, and translated across a business of any size, that is surely a good thing.

Teamwork: The Sum Of The Parts

With the framework comes each individual departments? responsibilities regarding information security. As ISO 27001 is not exclusively reliant on IT functions in order to be successful, this causes other areas such as Human Resources and Payroll to up their game to ensure that they are falling into line with the standard. Having each department manager, or a designated person, in charge of each area?s information security interests will form a strong core throughout the organisation, and ensure that when put together, information security across the business is extremely strong.

This can also break down areas for senior managers to observe and act upon. It is a lot easier to tweak a policy or carry out re-training if you can identify one or two areas where it is going wrong, rather than have to overhaul the whole thing as it is one huge operation.

Accountability

A golden word, and for some businesses the holy grail, but ISO 27001 calls for accountability across the company in all areas. As this is something for which all businesses thrive to instil in employee teams, using ISO 27001 as the vehicle for that could prove to be an excellent method. As teams understand their responsibilities, they are likely to take far more care and pride in their work, which will then be translated across everything they do, from dealing with large corporate clients to ensuring they have a tidy desk.

Use ISO 27001 to boost all of your business, and you will begin to feel the benefits very soon.

GUEST AUTHOR INFORMATION:

ISO 27001 standard provides more details on how to implement security controls.

Like this:

Be the first to like this post.

joe biden cspan state of the union drinking game oscar noms capital gains tim thomas oral roberts

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.