With the increase of technical solutions tailored to easily and quickly sharing information, leaks are becoming more widespread. The increased migration of workers between competing companies means you risk losing significant knowledge each time someone walks out the door. A systematic approach to information security can help you manage your information flow. Moving away from ad hoc processes gives you an overview that makes your internal processes easier to manage, measure and improve.
Three-dimensional protection of your information
With a management system you can establish, implement, operate, monitor, review, maintain, and improve your information security. You will have a tool to identify your critical assets and proceed to protect them. This will provide confidence for employees, customers, owners, and the society in general.
You will be able to protect your information with regards to three dimensions:
- Confidentiality ensures that information is accessible only to those authorised to have access.
- Integrity safeguards the accuracy and completeness of information and processing methods.
- Availability ensures that authorised users have access to information and associated assets when required.
Putting your security issues first
The purpose of information security management is to ensure business continuity and reduce business damage by preventing and minimising the impact of security incidents. The Audit Commission Update report (1998) shows that fraud or cases of IT abuse often occur due to absence of basic control, with one-half of all detected frauds found by accident. Ensuring the storage of your knowledge capital, and protecting it through a management system, will strengthen the competitive edge of your company.
What standards can you be certified to?
To get on the road to certification, you should begin by reading about the ISO/IEC 27001 Information Security Management System standard applicable to any organisation.
The new international standard ISO/IEC 27001 will replace BS 7799 from April 15 2006.
