
Friday, December 12, 2014

The importance of ISO27001 in Qatar

ISO27001 Qatar is an international standard which acts as a framework for the ISMS (Information Security Management System). Companies that receive this certification can show it as proof that they are following the best security practices for their private data. There are many changes in the newer version of this standard as compared to its older counterpart.

What is the ISO27001 Qatar?


ISO27001 Qatar is established by the ISO/IEC Joint Technical Committee. The latest version of this standard was released on 25th September 2013, succeeding the older version, which was established in 2005. ISO27002 is a companion to this standard. The latest version in the ISO family can be used by all sorts of organizations, irrespective of the sectors they may belong to. Companies who wish to prevent risks related to the loss or theft of vital data can get this certification. Nowadays, it is imperative for all organizations, whether large or small, to get certified. This serves as verification that their systems are protected and there is no risk of losing data.


Importance of this certification:


In Qatar, the majority of companies are getting themselves ISO27001 certified as they understand the importance of ISO27001 certification. Through this certification, they are able to improve their reputation in their market. This is because of the international standing of the certification. It acts as a competitive edge in the market, and companies that aren't certified may feel as if they are losing customers. Also, with the help of this certification, companies can win the trust of third parties and customers. Because this certification ensures that the company has all the security standards which will help in the prevention of losing data, customers are ready to trust the firm without any doubts.


Difference from the ISO27001:2005:


The ISO27001:2013 introduced new regulations which did not exist in its previous version. Some of them are listed as follows:

  • The PDCA (plan-do-check-act) model does not exist in the older version. Organizations can now use any sort of continual improvement method.
  • The clauses mentioned in Annex A have been changed.
  • The structure of the new standard has changed.
  • The roles of upper-level management have been clearly described in the standard.
  • The standard is more flexible for the organization.
  • The newer version integrates better with the other ISO standards.

Tuesday, December 9, 2014

ISO27001 Qatar – Domains, Objectives and Controls


ISO27001 Qatar is commonly used because all companies understand the need to keep their information safe and secure from others. That is why they prefer achieving this certification to increase the level of trust of their potential customers and interested parties. ISO27001 refers to an international standard which helps in maintaining certain security controls for the organization.

Introduction:


ISO27001 is used by many companies in Qatar to ensure the safety of their information systems. Many companies consider it a risk to keep data on their devices without proper security controls and consider security the first priority of their business. They are well aware of the fact that competing companies can steal their private data and use it for their own advantage.

ISO27001 Qatar acts like a framework for the information security management system and helps in the establishment, management and implementation of security controls. Many businessmen prefer being ISO27001 certified as it is an international standard. This will help them in expanding their business as well as in trading internationally. This standard has many other benefits as well. It helps in compliance with other security controls and helps businessmen in maintaining a good image of their company in the market. Customers and interested parties are more likely to trust those companies in Qatar which are ISO27001 certified.

Domains, objectives and controls:


The domains and control objectives of ISO27001 are given as follows:


1. Security policy:


The objective of this policy is to help in the management of security controls in accordance with the laws related to information security. This also assists the management in making important decisions related to security.


2. Organization of Information Security:


The objective is to manage information security within the workplace, i.e., to assist managers with security controls. Another objective is to maintain the organization’s information which is managed by third parties.

3. Asset management:


The objective of this control is to manage the assets of the company and to protect them from risk.

4. Human resource security:


The main objective of this control is to ensure that all employees and interested parties are capable and understand their job responsibilities. After they get the job, the objective is to ensure that they understand the risks and threats involved in managing information security.

5. Physical environment and security:


The objective of this control is to prevent physical access to the information.