ISO/IEC 27001 is an international standard – which is also available as the German standard DIN ISO/IEC 27001 – for the management of information security.
The standard specifies the general requirements of a documented information security management system (ISMS) in its lifecycle.
The goal is the protection of the information and other values (assets) of companies and organisations, regarding availability, integrity and confidentiality..
The ISO/IEC 27002 standard (also available as a DIN standard) is closely associated with ISO/IEC 27001. This offers a practice guideline with measures (controls) and recommendations for managing information security. Twelve monitoring reports address the security risks and contingency plans of the company, its guidelines and compliance specifications, the organisational and personnel circumstances, the technical infrastructure and the IT processes. Core topics are: network security, access protection and access control, monitoring of external access and secure exchange of data.
Certification: tested information security
Companies and organisations that demonstrate that their ISMS meet the requirements of ISO/IEC 27001 can have their ISMS certified by an accredited centre. To date, the certificate has been issued more than 7,000 times worldwide and around 150 times in Germany.
Companies with this certification gain competitive advantages through:
- Higher quality of information, processes and internal coordination – using security standards implemented in compliance with regulations
- Enhanced trust among customers and business partners – through the monitoring and recording of protected information and its exchange
- Access, as a supplier, to public procurement markets – fulfilling a basic requirement for tendering for contracts from public authorities
Risk minimisation, less administration and lower costs
VISULOX software supports business strategies, rules and measures for realising, managing and optimising ISMS pursuant to ISO/IEC 27001: Visulox provides the tools necessary for the management and monitoring of remote access to IT components and services. Visulox also provides a secure, monitored path for data transfers. Thus, increasing the company security and at the same time reducing IT administration overheads.