United Registrar of Systems Ltd

ISO/IEC27001 is a standard specification for an Information Security Management System (ISMS). Information is critical to the operation and perhaps even the survival of each organization. Being certified to ISO/IEC27001 will help an organization manage and protect valuable information assets.

ISO/IEC27001 is the only auditable international standard and is designed to ensure the selection of adequate and proportionate security controls. In addition to protecting an organization’s information assets, it can give confidence to any interested parties, especially customers. The standard specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the organization’s overall business risks. The standard specifies requirements for the implementation of security controls customized to the needs of individual organizations.

The standard was revised in 2005 and is based on the plan-do-check-act model, in common with ISO9001 and ISO14001. It uses risk assessment and business impact analysis to identify and manage risks to the confidentiality, integrity and availability of information.

The ISO/IEC27001 standard covers the following topics:

  Security policy - This provides management direction and support for information security
  Organization of assets and resources - To help you manage information security within the organization
  Asset classification and control - To help you identify your assets and appropriately protect them
  Personnel security - To reduce the risks of human error, theft, fraud or misuse of facilities
  Physical and environmental security - To prevent unauthorized access, damage and interference to business premises and information
  Communications and operations management - To ensure the correct and secure operation of information processing facilities
  Access control - To control access to information
  Systems development and maintenance - To ensure that security is built into information systems
  Business continuity management - To counteract interruptions to business activities and to protect critical business processes from the effects of major failures or disasters
  Compliance - To avoid breaches of any criminal and civil law, statutory, regulatory or contractual obligations, and any security requirement

Who is it relevant to?

ISO/IEC27001 is suitable for a broad range of organizations, large or small, in most of the commercial and industrial market sectors. The standard is particularly suitable where the protection of information is critical, such as in the finance, health, public and IT sectors. ISO/IEC27001 is also highly effective for organizations which manage information on behalf of others, such as IT outsourcing companies: it can be used to assure customers that their information is being protected.

Benefits of ISO/IEC27001

Certification to ISO/IEC27001 is a powerful demonstration of an organization’s commitment to managing information security. It also helps create a systematic framework in which organizations drive continual improvement, providing a competitive advantage for your organization because:

  It certifies that your company complies with the industry’s best practices for security
  As a marketing commodity, it encourages trust among present and potential clients
  With compliance, better work practices and ethics in security are established
  It provides a framework for you to comply with regulatory/legislative requirements
  It enables you to demonstrate that your IT systems are safe and to make a public statement of capability without revealing your security processes or opening your systems to second party audits
  It helps your organization develop a business continuity plan, minimizing the impact of any security breaches


Contact Person : 최춘성
Tel : +82 (02) 2636 9003 /  Mobile : +84 (0122) 809 3480 / +82 (10) 3709 9001
Email : cschoi112@gmail.com

Contact Person : 김혜미
Tel : +82 (02) 2636 9003  /  Fax : +82 (02) 2636 9070
Email : korea@urs.co.kr
L3-42.OT05, Landmark 3, Vinhomes Central Park, 720A Dien Bien Phu St, Ward 22, Binh Thanh Dist, HCMC
Tel : 84(08) 3930-1376   |    Fax : 84(08) 3930-1349   |    Mail to : vietnam@urs.vn