Implementing ISO 27001 for Drupal Agencies

ISO 27001 is an information security standard, part of the ISO/IEC 27000 family of standards, of which the last version was published in September 2013.
It is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee, ISO/IEC JTC 1/SC 27.

ISO 27001 specifies a management system that is intended to bring information security under management control and gives specific requirements. Organizations that meet the requirements may be certified by an accredited certification body following successful completion of an audit.

Most organizations have a number of information security controls. However, without an information security management system (ISMS), those controls tend to be somewhat disorganized and disjointed, often having been implemented as point solutions to specific situations or simply as a matter of convention.

Check out more about Adrian Pintilie.