YOUR SECURITY PARTNERS,
WHEN AND WHERE IT MATTERS MOST.
______________________________________________________________________
ISO 27001 - INFORMATION SECURITY MANAGEMENT
ISO 27001, "Information Security Management - Specification With Guidance for Use", replaces BS7799-2. It is intended to provide the foundation for third-party audit, and is 'harmonised' with other management standards, such as ISO 9001 and ISO 14001.
The fundamental objective of the standard is to help establish and maintain an effective information management system, using a continual improvement approach. It implements the OECD (Organization for Economic Cooperation and Development) principles governing the security of information and network systems.
Is your organisation ISO 27001 compliant? Are you aware that, as part of the National ICT strategy 2008 - 2010, the Maltese government is planning to align itself to ISO 27001/2 and 25999 standards?
Information is critical to the operation, and maybe even the survival, of your organisation. ISO/IEC 27001 is designed so that any type of organisation can set up proper security controls that are adequate and proportionate to its operations. Having such controls in place gives more confidence to your clients and other interested parties.
As specified by the British Standards Institute,
"ISO/IEC 27001 is suitable for any organization, large or small, in any sector or part of the world. The standard is particularly suitable where the protection of information is critical, such as in the finance, health, public and IT sectors."
The ISO 27001 standard specifies how to set up an Information Security Management System (ISMS), a proven methodology that helps you maintain security across your organisation's information systems, whether electronic or physical. The standard contains a number of control objectives, namely:
- Security policy
- Organisation of Information Security
- Asset management (including information classification)
- Human resources security
- Physical and environmental security
- Communications and Operations management (including network security and backups)
- Access Control
- Information systems acquisition, development and maintenance
- Information Security incident management
- Business Continuity management
- Compliance
If you would like to know more on how we can help you align your organisation to work towards ISO 27001, please contact us at:
consult@shield.com.mt or
security@shield.com.mt or
training@shield.com.mt