Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

Swot of iso 27001

  Quote
Guest
Guest user Created:   Oct 07, 2020 Last commented:   Oct 10, 2020

Swot of iso 27001

 In order for me to understand the iso 27001 better can you provide me with a SWOT analysis of the ISO with example for large organisations (1 million+) member voting systems?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Oct 07, 2020

First, it is important to note that a SWOT analysis is not mandatory for ISO 27001, but it can help the identification of organizational context (internal and external issues that can impact information security) and requirements of interested parties.
 
 Considering that, without knowing specifics of the organization, regarding internal and external issues that can impact information security related to the voting system, it is unfeasible to provide a SWOT example.
 
 In a general way you can consider that:
 - Your Strengths and Weaknesses are internal issues with positive and negative connotations.
 - Your Opportunities and Threats are external issues with positive and negative connotations.
 
 Not all those issues have the same weight or the same impact on your organization. Use the needs and expectations of interested parties to evaluate which issues are more relevant.
 
 Then, pick those relevant positive issues (internal or external) and see if you can find relevant opportunities and benefits to evaluate and act upon.
 Then, pick those relevant negative issues (internal or external) and see if you can find relevant risks to evaluate and act upon.
 
 These articles will provide you a further explanation about organizational context and requirements of interested parties:  
- How to define context of the organization according to ISO 27001 https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/
- How to identify ISMS requirements of interested parties in ISO 2 7001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/
- Four key benefits of ISO 27001 implementation https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/

Quote
0 0
Guest
gary Oct 10, 2020

Many thanks for your reply Rhand, I am interested in risk analysis of using ISO's to create a false sense of security and therefore asked if SWOT is the correct tool for this task?

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 07, 2020

Oct 10, 2020