Law and standards

ISO/IEC 27001

What is ISO 27001?

ISO/IEC 27001 is the international standard for an information security management system. It describes how an organisation records, treats and continuously reviews its security risks.

The standard does not prescribe any particular technical product. It requires a traceable process: define the scope, assess the risks, select measures, measure whether they work and improve them.

Certification is carried out by an accredited certification body and is a sizeable project for most mid sized companies. A gap analysis shows in advance how far away certification is and which gaps to close first.

All terms in the knowledge base

From the term to practice

Where does your business actually stand?

The IT Check reviews your IT across 8 audit areas with more than 100 individual checks and delivers documented findings with a prioritised action plan. From 1,299 € excl. VAT. The first call takes 20 minutes and carries no charge.

Book a first call