Data integrity
1. Como ISO 27001 puede asegurar la integridad de los datos en una empresa que necesita crear todas sus políticas de seguridad desde cero,
2. el retorno de la inversión de un proyecto ISO 27001 es factible?
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
1. How can ISO 27001 ensure data integrity in a company that needs to create all its security policies from scratch
ISO 27001 Annex A has controls that can be applied to minimize risks that information is changed or destroyed without authorization (e.g., A.9.1.1 Access control policy, and A.12.1.2 Change management), and that changes performed can be tracked and undone if needed (e.g., A.12.4.1 Event logging, and A.12.3.1 Information backup), thus helping protect information integrity.
For further information, see:
- How to handle access control according to ISO 27001 https://advisera.com/27001academy/blog/2015/07/27/how-to-handle-access-control-according-to-iso-27001/
- How to manage changes in an ISMS according to ISO 27001 A.12.1.2 https://advisera.com/27001academy/blog/2015/09/14/how-to-manage-changes-in-an-isms-according-to-iso-27001-a-12-1-2/
- Logging and monitoring according to ISO 27001 A.12.4 https://advisera.com/27001academy/logging-according-to-iso-27001/
- Backup policy – How to determine backup frequency https://advisera.com/27001academy/documentation/backup-policy/
This material will also help you regarding ISO 27001 controls:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
2. is the return on investment of an ISO 27001 project feasible?
ISO 27001 was designed to help organizations apply controls based on relevant requirements and in levels related to their risk tolerance.
Considering that, provided that the ISO 27001 project is aligned to the business' and interested parties' (e.g., customers, regulation bodies, suppliers, etc.) needs and objectives, its return on investment is feasible.
This article will provide you a further explanation about ISO 27001 implementation:
- How to make your investment in ISO 27001 profitable https://advisera.com/27001academy/blog/2015/07/13/how-to-make-your-investment-in-iso-27001-profitable/
- Four key benefits of ISO 27001 implementation https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/
- Aligning information security with the strategic direction of a company according to ISO 27001 https://advisera.com/27001academy/blog/2017/02/20/strategic-direction-of-a-company-according-to-iso-27001/
Comment as guest or Sign in
Jul 14, 2020