ISO 27001: Information Security
A critical resource for managing information security needs
ISO/IEC 27001 is an international standard that aims to ensure adequate controls are in place to address confidentiality, integrity and availability of information and safeguard the information of 'interested parties'.
Unprotected information systems are vulnerable to computer-assisted fraud, sabotage and viruses.
An information security management system (ISMS) compliant with ISO/IEC 27001:2005 can help you demonstrate to trading partners and customers alike that you take information security seriously.
ISO/IEC 27001 certification by LRQA is a powerful tool to ensure your business has adequate information security controls in place.
ISO/IEC 27001, originally introduced by the DTI as BS 7799 in 1995, is an international standard which aims to ensure adequate controls are in place to address confidentiality, integrity and availability of information and safeguard the information of ‘interested parties’. This includes your customers, employees, trading partners and the needs of society in general.
Its supplement, ISO/IEC 17799, established the guidelines and general principles for initiating, implementing, maintaining and improving information security management in an organization identified by the ISO/IEC 27001 risk assessment process.
ISO/IEC 27001 is based on the plan-do-check-act model common with ISO 9001 and ISO 14001 and uses risk assessment and business impact analysis to identify and manage risks to the confidentiality, integrity and availability of information.
Over half of the world’s top 200 companies choose LRQA for certification.
ISO/IEC 27001 certification by LRQA can help reduce your risk of security threats and weaknesses.
ISO/IEC 27001 certification is a powerful demonstration of an organization’s commitment to managing information security and driving continual improvement. This provides a competitive advantage for your organization because it:
helps your organization develop a business continuity plan, minimizing the impact of security breaches and ensuring controls are in place to reduce the risk of security threats and system weaknesses
enables you to demonstrate your IT systems and processes are safe and make a public statement of capability without revealing your security processes or opening your systems to second party audits
demonstrates your organization meets the requirements of the Data Protection Act of 1998
enables you to work with many organizations where it is a contractual obligation, expectation or prerequisite for doing business
ISO/IEC 27001 certification by LRQA focuses on the areas and issues important to your information security management and your business.
At LRQA, we are passionate about what we do, and our reputation in management systems certification is renowned worldwide.
LRQA assessors are industry specialists and experts who are matched with your business needs, enabling an effective and robust assessment of your system.
LRQA is a market leader in the provision of assessment, certification and training services, and over half of the world’s top 200 companies choose LRQA for certification.
LRQA is among the first certification bodies to issue an ISO/IEC 27001 certificate within North America.
Our Business Assurance approach ensures our assessments focus on the areas and issues that are important to your business.
Beyond certification, LRQA provides an extensive range of services to support your business’ future growth and development, including training solutions and integrated management systems assessment.
View LRQA's information security training options!