The ISO 27001 standard is a continuous improvement solution that serves as the basis for developing an Information Security Management System (ISMS). An ISMS makes it possible to evaluate all types of risks or threats that may endanger an organization's information, both its own data and third-party data, and to establish the most appropriate controls and strategies to eliminate or minimize these dangers.
So-called “computer security” has evolved at breakneck speed. Today, companies' information assets, which are among their most important values, are exposed to risks and threats spanning a wide range of vulnerabilities.
A threat can be defined as any event that can affect information assets and is mainly related to human resources, natural events or technical failures.
To regulate the creation of products and services that are safe, reliable and of quality, the International Organization for Standardization (ISO) establishes international standards that protect consumers and end users, ensuring that certified products comply with internationally standardized minimums.
In October 2005, ISO and the International Electrotechnical Commission approved and published ISO/IEC 27001 as an international standard for Information Security.
The international standard ISO 27001 is certifiable and applicable to all types of organizations and sectors, including Public Administrations, and covers the organizational structure, policies, planning activities, responsibilities, practices, procedures, processes and resources.
An ISMS (Information Security Management System) based on ISO/IEC 27001 is a systematic approach to establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security and to achieving its business and/or service objectives.
By following best practices in information security, organizations that certify their ISMS demonstrate due diligence in this important area to their shareholders, clients, authorities, suppliers and other interested parties, and guarantee that resources are adequately applied in the areas of greatest impact, thus optimizing their security investments and costs.
External computer attacks, malware infections, a flood or fire, power outages, and even an omission or mistake by company personnel can lead to serious, and even irreparable, damage to information. Proper risk management allows organizations to know the main vulnerabilities of their information assets and their potential consequences.
The purpose of an Information Security Management System is, therefore, to guarantee that information security risks are known, assumed, managed and minimized by the organization in a documented, systematic and structured way. It tends toward a global approach that covers normative, legal, organizational and even cultural aspects, and it is conceived from the perspective of a business problem.
For all this, we are proud to inform you that TELNORM Colombia recently received the ISO/IEC 27001 ISMS certification (2013 version), thus confirming our high standards in Information Security that guarantee the protection of our own information and that of third parties in our services as developers and integrators of technological solutions with more than 30 years of experience.
About TELNORM Colombia:
Ing. Eduardo Martinez Tovar
T (+571) 4660864 – 4660865 | M +57 322 7357266
| E firstname.lastname@example.org
Carrera 7 No. 74B-56 Office 302