IEC/ISO:27001 is essentially a series of policy documents related to cyber resilience.
The policies are tailored to your business, and are intended to be audited and amended on a regular basis.
We use the NIST CSF 2.0 framework for these policies.
IEC/ISO:27001 is mandated or recommended by several regulatory bodies, including the Dubai Financial Services Authority (DFSA) for all businesses based in Dubai International Financial Centre (DIFC), and also forms the basis of many government regulations globally.
If you are not covered by a regulator that mandates IEC/ISO:27001, it would still be prudent to be at least compliant, as part of the regulations (and is covered in the standard), Supply Chain Security is an important component.
IEC/ISO:27001 can be approached from two angles:
Certification follows the same principles as Compliance, however your business will be recognized as being certified by ISO/IEC. Many companies don't go down this path due to the additional cost if they can demonstrate compliance to the relevant authority or a customer as part of a supply chain assessment.
We are not currently licensed to certify companies, however we can bring you to a compliant level, and audit your supply chain for compliance.
The policies are tailored to your business, and are intended to be audited and amended on a regular basis.
We use the NIST CSF 2.0 framework for these policies.
IEC/ISO:27001 is mandated or recommended by several regulatory bodies, including the Dubai Financial Services Authority (DFSA) for all businesses based in Dubai International Financial Centre (DIFC), and also forms the basis of many government regulations globally.
If you are not covered by a regulator that mandates IEC/ISO:27001, it would still be prudent to be at least compliant, as part of the regulations (and is covered in the standard), Supply Chain Security is an important component.
IEC/ISO:27001 can be approached from two angles:
- Compliance
- Certification
Certification follows the same principles as Compliance, however your business will be recognized as being certified by ISO/IEC. Many companies don't go down this path due to the additional cost if they can demonstrate compliance to the relevant authority or a customer as part of a supply chain assessment.
We are not currently licensed to certify companies, however we can bring you to a compliant level, and audit your supply chain for compliance.