Expert Advice Community

Home / ISO 27001 & 22301 / Aligning information security objectives with business strategy

Guest

Aligning information security objectives with business strategy

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   May 23, 2016 Last commented:   May 23, 2016

Aligning information security objectives with business strategy

ISO 27001 & 22301
Kindly, could you please clarify this to me? "Make sure your information security objectives are aligned with the business strategy (ISO 27001 clause 5.1 a). What does that exactly mean? If my org is a financial company for example.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Dejan Kosutic May 23, 2016

"

Answer: Your top-level information security objectives (objectives for your whole ISMS) must support your business strategy, because information security must be part of the efforts of making your company successful.

For example, for a financial organization, an information security objective might be to decrease the number of data leakages, which directly supports an increase in trust in such organization. And building such a trust is probably a strategic objective of financial organization.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 22, 2016

May 22, 2016

Suggested Topics
Guest user Created:   Jul 22, 2020 ISO 27001 & 22301
Replies: 1
0 0

Aligning business strategy to ISMS
Guest user Created:   Oct 27, 2018 ISO 27001 & 22301
Replies: 1
0 0

Information security strategy
Guest user Created:   Feb 15, 2018 ISO 27001 & 22301
Replies: 1
0 0

Toolkit content ISO 27001