ISO 27001 compliance demonstrates that IntraStage has invested in the people, processes, and technology (e.g., tools and systems) to protect your organization’s data. It also provides an independent, expert assessment of whether your data is sufficiently protected.
ISO 27001 compliance is becoming increasingly important as regulatory requirements (such as the GDPR, HIPAA, and CCPA) pressure organizations to protect their consumer and personal data.
ISO 27001 consists of 114 controls (included in Annex A and expanded on in ISO 27002) that provide a framework for identifying, treating, and managing information security risks.
A summary of the ISO/IEC 27001:2013 controls:
• A.5 Information security policies
• A.6 Organisation of information security
• A.7 Human resources security
• A.8 Asset management
• A.9 Access control
• A.10 Cryptography
• A.11 Physical and environmental security
• A.12 Operational security
• A.13 Communications security
• A.14 System acquisition, development and maintenance
• A.15 Supplier relationships
• A.16 Information security incident management
• A.17 Information security aspects of business continuity management
• A.18 Compliance