ISO/IEC 27001:2013 Information Security Management Standards

  • ISO, ISO 27001

    ISO/IEC 27001:2013 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO/IEC 27002 best practice guidance.

    The basis of this certification is the development and implementation of a rigorous security program, which includes the development and implementation of an Information Security Management System (ISMS). This widely-recognized international security standard specifies that we do the following:

  • We systematically evaluate our information security risks, taking into account the impact of threats and vulnerabilities.
  • We design and implement a comprehensive suite of information security controls and other forms of risk management to address customer and architecture security risks.
  • We have an overarching management process to ensure that the information security controls meet our needs on an ongoing basis.