ISO 27001 - Information Security Management System


ISO 27001 defines how to manage information security through a series of information security management.

The ISO 27001 standard is based on the Plan-Do-Check-Act methodology that should be continuously implemented in order to minimise risks to the confidentiality, integrity and availability of information. The phases are as follows:

Plan: Serves to plan the basic organisation of information security, set objectives for information security and choose the appropriate security controls.

Do: Implement the planned processes.

Check: Monitor the functioning of the ISMS and measure whether the results meet the set objectives.

Act: Take action to continually improve effectiveness by addressing whatever was identified as non-compliant in the previous phase.


  • Ensure compliance with the legal and regulatory requirements
  • Independently verify that your organisational risks are properly identified, assessed and managed while formalising information security processes, procedures and documentation
  • Continually monitor your organisation’s performance
  • Demonstrate to your company’s stakeholders your commitment to implementing a high level of security and adhering to information security

