Information Security


ISO/IEC 27001

Information Security Management System

ISO/IEC 27001 is an international standard for information security management systems, established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), and the most authoritative international certification standard in the field of information security.

The standard was recently updated from ISO/IEC 27001:2013 to ISO/IEC 27001:2022. Certificates held by organizations currently maintaining ISO/IEC 27001:2013 remain valid only until October 30, 2025, so those organizations need to transition before then.

In the updated ISO/IEC 27001:2022, sub-clauses have been added within the 10 main clauses, and controls have been merged or newly added. Detailed information can be found in the Resources section of the homepage.

  • ISO/IEC 27001 Requirements

    ISO/IEC 27001 consists of 10 clauses, covering the context of the organization, leadership, planning, support, operation, performance evaluation, and improvement, together with control items (refer to ISO/IEC 27002 for the control items). The requirements of this standard are formulated to be generic and applicable to any organization, regardless of its type, size or characteristics.

    • 1. Scope
    • 2. Normative references
    • 3. Terms and definitions
    • 4. Context of the organization
    • 5. Leadership
    • 6. Planning
    • 7. Support
    • 8. Operation
    • 9. Performance evaluation
    • 10. Improvement
  • The importance of ISO/IEC 27001

    Through ISO/IEC 27001 certification, organizations can gain the following benefits:

    1. Customer satisfaction

    Realization of customer satisfaction through protection of customer information

    2. Business continuity

    Secure business stability through risk management, legal compliance and vigilance on future security issues and concerns

    3. Compliance with laws

    Understand how legal/regulatory requirements affect you and your customers, and how to reduce the risk of legal sanctions

    4. Risk management

    Ensure that customer records, accounting information and intellectual property rights are protected from loss, theft and damage through a systematic framework

    5. Proof of business reliability

    Reliability is secured through independent verification of recognized global industry standards

    6. Business expansion

    Customers often require a certificate as a condition of delivery, so certification can help you expand your business.

  • IGC’s Competency

    IGC has extensive knowledge and rich experience in certification activities for quality management systems in various industries, including information security.

    IGC has up-to-date knowledge of a wide range of specific scopes and legal requirements in major markets around the world, and provides the knowledge and services to support your entire global operation.
