Information Technology Standards

ISO 27001 Information Security Management System

Posted in Information Technology Standards, ISO Standards

ISO 27001 Information Security Management System

ISO 27001 The new ISO 27001:2013 (released in September 2013) allows you to demonstrate to existing and potential customers, suppliers and shareholders the integrity of your data and systems and your commitment to information security. It also allows you to enforce information security and reduce the possible risk of fraud, information loss and disclosure. The standard is based on 7 major requirements, i.e. Clause 4: Context of the Organization Clause 5: Leadership Clause 6: Planning Clause 7: Support Clause 8: Operation Clause 9: Performance Evaluation Clause 10: Improvement Incorporating the new revision are improvements to the security controls to deal with current...

Read More

ISO 20000 Information Technology Service Management System

Posted in Information Technology Standards, ISO Standards

ISO 20000 Information Technology Service Management System

ISO/IEC 20000-1:2011 is an IT service management system (SMS) standard. It specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve an SMS. The requirements include the design, transition, delivery and improvement of services to fulfil agreed service requirements, i.e. Clause 4: Service management system general requirements Clause 5: Design and transition of new or changed services Clause 6: Service delivery processes Clause 7: Relationship processes Clause 8: Resolution processes Clause 9: Control processes Benefits of ISO 20000 Compatible with ITIL to support continual improvement Develop IT...

Read More