ISO 27001 (ISO 27001:2013) is an international standard for the implementation of a best practice Information Security Management System (ISMS). ISO 27001 accreditation requires an organisation to bring information security under explicit management control.
To achieve ISO 27001, organisations are formally audited and certified. Whilst not every organisation will accredit to ISO 27001, many organisations globally use the standard to measure their security policies, processes and controls against:
Ensuring appropriate control of confidential or sensitive information
Classifying or labelling data with visual (and metadata) labels to highlight any special handling requirements
Alerting users when personal data is leaving the organisation to warn or prevent them from sending messages that contain sensitive information
Educating users about the sensitivity of data whilst ensuring adherence to corporate policy
Utilising metadata labels to drive additional security controls and solutions, such as DLP, encryption and rights management
Orchestrating data management solutions, such as data retention and archiving, to ensure adherence to data storage requirements
Solution brief: Using Data Classification To Support ISO 27001 Compliance
Learn how to use data classification to meet ISO 27001 compliance requirements.
How protected is your data?
Meet with one of our experts to assess your needs, and we'll walk you through our solution.