Information Security Management System (ISMS)
An Information Security Management System (ISMS) is a management system that helps companies manage day-to-day information security issues in a systematic way.
The ISO/IEC 27001 standard specifies the requirements needed to implement an effective Information Security Management System (ISMS) in an organization. The organization is assessed and registered based on the specifications.
ISO/IEC 27002 (ISO/IEC 17799:2005) takes the form of guidance notes and recommendations for initiating, implementing and maintaining information security in an organization. It contains over 100 security controls to help companies identify elements of the business that affect information security.
Since November 2001, TÜV SÜD PSB has awarded ISMS certification to numerous companies.
The information security best practices are organized into 11 domains or sections, while the certification process typically involves 6 steps.
- We provide objective recommendations for ongoing continuous improvement.
- We focus on the effectiveness of the system and its practicality in the local environment.
- We are a highly professional, independent, impartial and unbiased certification body.
- We have a qualified and experienced pool of auditors around the ASEAN region.
- The TÜV SÜD PSB certificate is recognized and accepted internationally.
"The management understands the importance of impartiality in our certification of management systems. We will use all reasonable efforts to manage all possible conflicts of interest and ensure objectivity of our certification services".