DNV - overview

our services

your industry

dnv worldwide

news & events

about us

find us

careers

sitemap

DNV UK Home

certification

information security

	cd

Information Security Management

Information is key to the growth and success of a company. A certified Information Security Management System demonstrates to customers that your information is suitably protected � whether stored on paper, electronically, or in the minds of employees.

An Information Security Management System will help identify and reduce critical security risks, as it helps you focus your information security efforts and protect your information. With our Risk Based Certification^� approach, DNV auditors assess how well your Informatin Security Management System supports the areas of greatest importance to you, in addition to measuring compliance against elected standards.

On this information security management homepage, we will help you understand the what and why of an Information Security Management System � what it is and why your business will benefit from implementing one.

DNV can be your partner when it comes to:

Accredited certification to ISO/IEC 27001. This is the new international Information Security Management System standard, replacing BS 7799. It is based on BS 7799 but is aligned with other international standards. ISO/IEC 27001 is applicable to any type of organisation. ISO/IEC 27001 specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organisation�s Information Security Management System.

BS 7799 is the Information Security Management system standard on which ISO/IEC 27001 is based. Certificates based on this standard are valid until April 15 2007 or the validity date noted on the certificate, whichever is earlier.

ISO/IEC 27001 entered into force on October 15 2005. Information Security Management System certification can be done according to this standard from this date.

During the preparation period from October 15 2005 to April 15 2006 audits and certification can be performed to either ISO/IEC 27001:2005 or BS 7799-2:2002. However, a new BS 7799-2:2002 certificate issued during this period will need to be transitioned to ISO/IEC 27001:2005 not later than April 15 2007.

After April 15 2006 all audits and certification shall be carried out to ISO/IEC 27001:2005.

Companies who are certified to BS 7799 will have to transition to the new standard within April 15 2007. For more information, please contact your local unit.

The road to certification will help you prepare for an independent audit. Accredited certification will explain what the actual certification process entails.

DNV offers Risk Based Certification worldwide, and holds a wide range of national accreditations. With our global network of local resources, we can provide you with the certification most suitable to your needs, type of business, and company location. Wherever you are, our auditors make it a point to know the business you are in.

	SEARCH


	SHORTCUTS

	Certification Services
	Consulting services
	Training Services
	DNV Maritime
	DNV Software
	DNV Research
	DNV Exchange
	IT Global Services


	RELATED INFO

	links:
	Meet our clients
	ISMS International User Group

	downloads:
	Management Systems brochure (pdf)
	ISO 27001 Flyer (pdf)
	Quote Request Form
	Risk Based Certification
	OECD guidelines (pdf)

	top of page
	print this page