Management system certification / Voluntary assessment
Basis for Certification (certification standard):
International standard ISO 27001 (requirements for Information Security Management Systems)
ISO (International Organization for Standardization)
What does the ISO 27001 standard cover?
The ISO 27001 standard defines the requirements for a certifiable information security management system (ISMS) of an organisation. These include, but are not limited to, the following:
- The organisation has established a suitable information security management system, including mechanisms for risk identification, self-assessment, preventive and corrective actions and continuous improvement.
- The organisation has defined a plausible security level for the information processed by the organisation.
- Within the scope of risk assessment and management, the organisation has identified and implemented suitable measures to ensure information security.