ISO 27001, the information security standard

What is ISO 27001?

ISO 27001 (ISO/IEC 27001:2013) is the international standard that provides the specification for an information security management system (ISMS). The latest version was published in October 2013.

The Standard is designed to help organisations manage their information security processes in line with international best practice while optimising costs. It is technology and vendor neutral and is applicable to all organisations - irrespective of their size, type or nature.


Speak to an ISO 27001 expert

Having led the world’s first ISO 27001 certification project, we understand what it takes to implement the Standard and can support you throughout your project, from initial discussions to certification. Speak to one of our experts for more information on our products and services and how we can help you certify.

What is an ISMS?

An ISMS is a system of processes that helps to establish, implement, operate, monitor, review, maintain and improve an organisation's information security to achieve business objectives.

An ISO 27001-aligned ISMS helps you manage all your security practices (both electronic and physical) coherently, consistently and cost-effectively.


Why has implementing ISO 27001 in Asia-Pacific become essential?

Cyber crime is on the increase. The IBM 2017 Cost of Data Breach Study found that the average data breach costs $3.62 million. It is therefore imperative that Asia-Pacific organisations have strategies in place to protect themselves from this growing threat.

Implementing an ISO 27001 ISMS will help these organisations improve their information security practices and protect their information assets.

ISO 27001 certifications in East Asia and Pacific have already grown rapidly, reaching almost 15,000 – the highest number worldwide – in 2017 (ISO Survey). Below is the percentage increase of achieved certificates in the last five years.

 

  • Australia: 193%
  • India: 69%
  • Philippines: 138%
  • Singapore: 46%
  • Malaysia: 75%

 


Advantages of ISO 27001 certification

ISO 27001 is one of the most popular information security standards in the world, with certifications growing by more than 450% in the past ten years. It is recognised globally as a benchmark for good security practice, and enables organisations to achieve accredited certification through an accredited certification body following the successful completion of an audit.
 

Protect your data, wherever it lives

An ISO 27001-compliant ISMS helps protect all forms of information, whether digital, paper-based or in the Cloud.

Meet contractual and regulatory obligations

Certification demonstrates an organisation’s commitment to information security, and provides a valuable credential when tendering for new business.

Reduce costs associated with information security

Thanks to the risk assessment and analysis approach of an ISMS, organisations can reduce the money spent on indiscriminately adding layers of defensive technology that might not work.

Increase your attack resilience

Implementing and maintaining an ISMS will significantly increase your organisation’s resilience to cyber attacks.

Respond to evolving security threats

Constantly adapting to changes both in the environment and inside the organisation, an ISMS reduces the threat of continually evolving risks.

Improve company culture

The Standard’s holistic approach enables employees to readily understand risks and embrace security controls as part of their everyday working practices.

How to implement an ISMS

Implementing an ISO 27001-compliant ISMS involves several steps, of which the following are the most important:

  • Scope the project
  • Secure management commitment and budget
  • Identify interested parties, and legal, regulatory and contractual requirements
  • Conduct a risk assessment
  • Review and implement the required controls
  • Develop internal competence
  • Develop the appropriate documentation
  • Conduct staff awareness training
  • Continually measure, monitor, review and audit the ISMS
  • Get certified


How IT Governance can help organisations in Asia-Pacific

We understand that every organisation is different, so we can support you with ISO 27001 implementation through our range of products and services.

For more advice or guidance on implementing ISO 27001, please contact our team.
