
Why is the GOVIT solution based on the ISO 27001 standard?

Using ISO 27001 as a mechanism for managing information security and risk requires an organization to implement an information security management system (ISMS), including risk assessment, risk management, audit compliance and a management framework to ensure that true business benefits are realized from implementing ISO 27001, as well as the infrastructure to ensure its maintenance going forward.

Benefits of implementing ISO 27001 to help corporate governance could also include: An ISO 27001 certificated ISMS will ensure that you are in compliance with the whole range of information-related legislation, including (as applicable to country and jurisdiction) HIPAA, GLBA, SB 1386 and State breach laws, PIPEDA, FISMA, EU Safe Harbor regulations, Data Protection Act, and so on.

Strong framework tools are essential for ensuring IT resources are aligned with an enterprise's business objectives, and that services and information meet quality, fiduciary and security needs.... COBIT and ITIL are not mutually exclusive and can be combined to provide a powerful IT governance, control and best practice framework in IT service management.

Enterprises that want to put their ITIL program into the context of a wider control and governance framework could use COBIT.

Source: Gartner June 2007

An ISO 27001 certificated ISMS-based solution will provide an important foundation for any overall certification process the company chooses to implement.
  • A pre-tailored ISO 27001 certification will cost a fraction of a full audit and demonstrates the existence of a best-practice based information security infrastructure
  • The certification process also helps the organization focus on continuously improving its information security processes
  • ISO 27001 can be easily mapped to, and contribute towards, an ITIL environment and an effective COBIT IT control framework, thus providing transparency of services and greater management.
  • ISO 27001 is also an effective response to information risks identified in any COSO-type enterprise risk management framework.
The Information Systems Audit and Control Association (www.isaca.org) has reported that a number of recently issued documents are the result of continuing efforts to define, assess, report on, and improve internal control.

Contact
Governance IT A/S
Dronning Louises Vej 7
DK 2920 Charlottenlund

Tel: +45 7026 0350

www.governance-it.com

info@governance-it.com