ISO 27001 is an internationally recognised and widely adopted standard for information security. It takes a risk-based approach to securing an organisation’s most valuable information – whether that’s in digital or physical form.
ISO 27001 helps you manage risks to your business from accidental or deliberate misuse of confidential information. Above all, complying with ISO 27001 provides you with a best practice framework for managing information security. Unlike self-regulated standards, certification to ISO 27001 involves independent verification, at least once a year, that you control security appropriately.
ISO/IEC 27701:2019 is a privacy extension to ISO/IEC 27001, and organisations that are already certified to ISO 27001 will now also be able to certify to ISO 27701. The idea behind this new extension is to enhance the existing Information Security Management System (ISMS) with additional requirements in order to establish, implement, maintain, and continually improve a Privacy Information Management System (PIMS).
At BH Consulting, we help clients implement ISO 27001 and ISO 27701 efficiently and effectively, whether they are looking to achieve full certification or just wish to align with ISO 27001. We have specialist consultants ready to guide your organisation towards certification.