Cost avoidance due to ISO ISMS
Answer: Yes, there is. For ISO 27001 one good reference is the Cost of Cyber Crime Report from Ponemon Institute (https://www.ponemon.org/library/2016-cost-of-cyber-crime-study-the-risk-of-business-innovation) (specifically see page 18 - Total cost of cyber crime for low versus high security profiles), but you have to be very careful when presenting this type of data to customers, because each organization has its unique context that can affect the risks to which each one is exposed and the impacts they may suffer, so basing an opportunity to avoid costs on data from another organization can lead to wrong conclusions. You could say that these are only examples and that specific data about the client's organization must be evaluated to provide a more precise situation.
These articles will provide you further explanation regarding ISO 27001 costs:
- How much does ISO 27001 implementation cost? https://advisera.com/27001academy/blog/2011/02/08/how-much-does-iso-27001-implementation-cost/
- 5 ways to avoid overhead with ISO 27001 (and keep the costs down) https://advisera.com/27001academy/blog/2012/06/19/5-ways-to-avoid-overhead-with-iso-27001-and-keep-the-costs-down/
Sep 17, 2017