ISO 27001 Certification
ISO 27001 specifies the requirements for the policies, procedures and processes that comprise a company’s information security management system (ISMS). This international standard was developed to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an ISMS.
ISO 27001 uses a top-down, risk-based approach. Earning certification in this standard is not based on adhering to a set of predetermined rules. Instead, an organization is certified based on a set of controls that are specific to its risks. These controls comprise the company’s Statement of Applicability, a document that ISO auditors will certify an organization against.
Download the datasheet to learn more.
About NAVEX Global, Inc.
NAVEX Global is the worldwide leader in integrated risk and compliance management software and services. Our solutions help organizations manage risk, address complex regulatory requirements and foster an ethical, productive workplace culture.