The international information security standard ISO 27001 sets out the requirements for implementing an ISMS (information security management system). An ISMS is a framework of policies and procedures that includes all of the organizational and technical controls necessary to protect the organization’s information assets, and considers people, processes, and technology.
ISO 27001 can be used to meet requirements of the NY DFS Cybersecurity Regulation.
If you’re implementing ISO 27001 and don’t know where to start, download this free green paper for a quick introduction.
- IT Governance’s nine-step approach to implementing an ISO 27001-compliant ISMS
- Important considerations for every step of the ISMS process
- The challenges you’ll face when creating your ISMS
- A tried-and-tested implementation approach that will save you time and money