Answers to your ISO Training Questions
What does ISO stand for?
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO standards are the result of collaboration and consensus among a group of more than 160 countries around the globe.
What is information?
Information is that which informs or resolves uncertainty. Information is a business asset that has a value to an organization and thus has to be protected. Information can be found in any form including:
What is information security?
Information security is the process of protecting information assets against the loss of confidentiality, integrity and availability (CIA), also described as the preservation of CIA.
What is an Information Security Management System (ISMS)?
A framework of processes and procedures used to protect against the loss of confidentiality, integrity and availability (CIA) of information in any form.
What is ISO 27001?
ISO 27001 is the international standard of auditable requirements for an information security management system (ISMS). ISO 27001 has two main parts: Sections 4-10 and Annex A.
What is the ISO series of standards?
All ISO standards consist of a series of standards that apply to a specific management system category. The ISO 27000 series of standards specifically addresses information security management systems (ISMS).
It is typically the first standard in each ISO series that contains the management system requirements. Thus, it is typically only the first standard in each series that is "certifiable", such as:
*All of the other standards in each ISO series are typically reference / guidance to support one or more of the management system requirements. Some commonly used ISO 27000 reference standards include:
*There are many more reference / guidance standards available in the 27000 series.