As part of implementing your security policy, Penayde can assist your organisation to design and implement best practice Information Security Management Systems that deliver identifiable returns on investment, and, which are capable of certification to ISO 27001 level. ISO 27001 is the International Standard for Information Security Management Systems (ISMS). It is based largely upon the previously adopted BS 7799 used commonly since 1995 for managing information security.

ISO 27001 provides the framework for a technology neutral, vendor-neutral management system that enables an organisation to assure itself that its information security measures are effective. This includes the continued accessibility, confidentiality and integrity of its own information and that of its stakeholders as well as legal compliance.Implementation of ISO 27001 is an ideal response to legal requirements and potential security threats such as:

  • Vandalism/terrorism
  • Fire
  • Misuse
  • Theft
  • Viral attack

ISO 27001 is structured to be easily compatible with other management systems standards such as ISO 9001 and ISO 14001. Whilst there are some clause numbering differences, common elements include documentation, review and audit requirements, enabling an organisation to develop a largely integrated management system.