ISO/IEC 27001:2023
Information technology, cybersecurity and privacy protection. Information security management systems. Requirements
What is the ISO 27001:2023 standard?
ISO/IEC 27001 is an internationally recognized standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The standard specifies the requirements for establishing and maintaining an effective information security management system (ISMS) to protect against the main causes of information security risks. The standard applies to all types of information, regardless of the form in which it is stored, transmitted, or processed.
What is a management system and why do we need one?
The international standard ISO 9000:2015 defines a management system as a set of interrelated or interacting elements of an organization to establish policies, objectives, and processes to achieve those objectives. A complete management system covers every aspect of management and focuses on supporting performance management to meet objectives. The management system should be subject to continual improvement as the organization evolves.
How can we help you?
Wert Audit can assist you with the following services:
- - certification of the information security management system;
- - training for auditing information security management systems within your own organization or those of others, such as suppliers of the organization you work in;
- - consultancy for the development and implementation of the information security management system;
- - internal audit or auditing of the organization's suppliers.
To comply with the impartiality principle required by SR EN ISO/IEC 17021-1:2015 for certification bodies, Wert Audit cannot provide consultancy, training, or internal audit services to legal entities requesting certification or those already certified at the time of the request. Also, legal entities for which Wert Audit has provided consultancy, training, or internal audit services cannot receive certification services for at least 2 years after the completion of those services.