Friday, December 12, 2014

The importance of ISO27001 in Qatar

ISO27001 Qatar is an international standard that acts as a framework for the ISMS (Information Security Management System). Companies that receive this certification can present it as proof that they follow the best security practices for their private data. The newer version of the standard contains many changes compared to its older counterpart.

What is the ISO27001 Qatar?


ISO27001 Qatar was established by the ISO/IEC Joint Technical Committee. The latest version of this standard was released on 25th September 2013, succeeding the older version established in 2005. ISO27002 is a companion to this standard. The latest version in the ISO family can be used by all sorts of organizations, irrespective of the sector they belong to. Companies that wish to prevent risks related to the loss or theft of vital data can get this certification. Nowadays, it is important for all organizations, whether large or small, to get certified. This serves as verification that their systems are protected and there is no risk of losing data.


Importance of this certification:


In Qatar, the majority of companies are getting themselves ISO27001 certified because they understand the importance of ISO27001 certification. Through this certification, they are able to improve their reputation in their market, owing to the international standing of the certification. It acts as a competitive edge in the market, and companies that aren't certified may feel as if they are losing customers. The certification also helps companies win the trust of third parties and customers. Because it ensures that the company has all the security standards in place to help prevent data loss, customers are ready to trust the firm without any doubts.


Difference from the ISO27001:2005:


The ISO27001:2013 introduced new regulations which did not exist in its previous version. Some of them are listed as follows:

  • The PDCA (plan-do-check-act) model does not exist in the older version. Organizations can now apply any sort of continual improvement method.
  • The clauses mentioned in Annex A have been changed.
  • The structure of the new standard has changed.
  • The roles of upper-level management have been clearly described in the standard.
  • The standard is more flexible for the organization.
  • The newer version integrates better with the other ISO standards.
