ISO 27001 - Information Security Management
ISO 27001 - Information Security Management - Specification with Guidance for Use.
The basic objective of the standard is to help establish and maintain an effective information management system, using a continual improvement approach. It implements the OECD (Organization for Economic Cooperation and Development) principles governing the security of information and network systems.
ISO 27001 is 'harmonized' with other management standards, such as ISO 9001 and ISO 14001.
The broad content is of course similar to the old I.S. 17799-2 and includes:
- Cross reference with ISO 17799 controls
- Use of PDCA
- Information Management System
- Terms and definitions
Further information on ISO 27001 is available at http://www.27001-online.com
ETSI TS 101456 specifies “Policy requirements for certification authorities issuing qualified certificates.”
Qualified certificates are the basis of a special form of electronic signature. Such electronic signatures provide the ability to identify originators of electronic information, and facilitate electronic commerce, since they generate confidence in the authenticity of the user.
ETSI TS 101456 specifies baseline policy requirements on the operation and management practices of those certification authorities who issue qualified certificates, including, where appropriate, the use of secure-signature-creation devices.
NSAI certification of client systems for issuing qualified certificates will provide visible assurance that organisations have appropriate measures in place to generate these electronic signatures, and will provide added confidence for consumers.
Contact:
Derek Carpenter
Certification Officer
Phone: 01 8073869
Fax: 01 8073844
MM Rev. 10
Last Updated - [31 Aug 2007 @ 14:16:42]
1 Swift Square,
Northwood,
Santry
Dublin 9, Ireland
Telephone: +353 1 807 3800
Fax: +353 1 807 3838
Email: nsai@nsai.ie
