ISO27001 Ireland is an event driven by the need for data/information security within Irish business, Data Centres, Government Bodies, Financial Institutions and all organisations controlling the flow of information through their infrastructure. The event is specifically designed to encourage networking and open discussion between keynote speakers who have achieved the standard and our audience of companies who are either on the journey, or considering implementing ISO27001.
What are the key benefits to your business?
- Improves and maintains competitive edge.
- Win more business, particularly where procurement specifications require higher IT security credentials.
- Compliance with legal, statutory, regulatory and contractual requirements.
- Provide assurance to stakeholders, such as clients and shareholders.
- Business continuity is assured through management of risk, security issues and concerns.
Our Keynote Speakers:
Anxious to share their experiences and knowledge of implementing the standard, our Keynote Speakers have been carefully selected for their understanding of the challenges and benefits of adopting ISO27001. Passionate about the information security of their organisations and the management systems they rely on, our speakers will actively engage with their audience to create a sharing of information and knowledge, even in this environment of security.
Today, organisations are increasingly vulnerable to security threats as our dependence on information systems grows ever greater. It is vital that your organisation applies the appropriate controls to manage the risks associated with information and data and demonstrates that you are preserving the confidentiality, integrity and availability of those assets for clients, shareholders and society as a whole.
The Delegate attending ISO27001 Ireland is the individual who understands the importance of Information Security Management Systems. Responsible for the integrity of their IT infrastructure, these industry leaders will soon begin the journey to ISO27001. Most have aligned their infrastructure to the standard; it is now time to take that next step to accreditation.
One on One Sessions:
ISO 27001 Information and Data Security offers a comprehensive set of controls, based on best practice in information security, comprising components such as confidentiality, integrity and availability.
Senior industry consultants will be on hand to accommodate “one on one” meetings with IT Managers, Facility Managers, CIOs, etc. who are at the stage of Gap Analysis and are ready to begin their journey to this IMIS system.
ISO 27001 is the international standard for Information Security Management Systems (ISMS). It is applicable to any organisation where the misuse, corruption or loss of its business or client information could result in a major commercial disaster.
The fundamental aim of ISO 27001 is to protect the information of your organisation from security threats such as viral attack, misuse, theft, vandalism/terrorism and fire. ISO 27001 quickly produces a return on investment, giving you thorough guidance on complying with regulatory and contractual requirements regarding data security, privacy and IT governance. The ISMS encourages the identification and classification of the organisation's information assets and a systematic risk assessment of threats and vulnerabilities. ISO 27001 provides a framework to assure an organisation that its information security measures are effective.
What is ISO 27001?
ISO 27001 (formally known as ISO/IEC 27001:2013) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes.
According to its documentation, ISO 27001 was developed to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system.”
ISO 27001 uses a top-down, risk-based approach and is technology-neutral. The specification defines a six-part planning process:
- Define a security policy.
- Define the scope of the ISMS.
- Conduct a risk assessment.
- Manage identified risks.
- Select control objectives and controls to be implemented.
- Prepare a statement of applicability.
The specification includes details for documentation, management responsibility, internal audits, continual improvement, and corrective and preventive action. The standard requires cooperation among all sections of an organisation.
The ISO27001 standard does not mandate specific information security controls, but it provides a checklist of controls that should be considered in the accompanying code of practice, ISO/IEC 27002:2013. This second standard describes a comprehensive set of information security control objectives and a set of generally accepted good practice security controls.
ISO 27002 contains 12 main sections:
1. Risk assessment
2. Security policy
3. Organization of information security
4. Asset management
5. Human resources security
6. Physical and environmental security
7. Communications and operations management
8. Access control
9. Information systems acquisition, development and maintenance
10. Information security incident management
11. Business continuity management
Organisations are required to apply these controls appropriately in line with their specific risks. Third-party accredited certification is recommended for ISO 27001 conformance.