Information Security Governance Papers
Paper Title | The Benefits Of Using ISO 17799 And 27001 |
---|---|
The Abstract of The Paper |
ISO 17799 and 27001 provide a top-down and consistent
approach to address all compliance, risk, and governance issues
related to information security. Most of what is needed to
address compliance, best practices, and standards is the same,
and ISO has unified these into one framework. The direct and
indirect benefits are shown below.
• Direct benefits of ISO 17799 and 27001
  - Reduced costs of compliance efforts
  - Increased security and reliability of information systems
  - Cost-effective and consistent information security practices
  - Reduced costs from consolidating and optimizing systems
• Indirect benefits of ISO 17799 and 27001
  - Improved management of risk
  - Better contingency planning
  - Enhanced competitive advantage
  - Improved management control
  - Better employee working environment

While other frameworks have value in managing information security, only ISO 27001 goes beyond a framework to provide an international standard that your information security practices can be independently certified against. ISO 27001 could become the next ISO 9000 type standard that every organization wants to promote, that educated consumers and business partners seek before conducting business, and that every potential stockholder seeks before investing. |
Web Link | http://www.wolcottgroup.com/documents/WG_ISO27001PoV_0607C2.pdf |