By Claire West
IT Governance (ITG), the world’s one-stop shop for ISO27001 products and services, is launching another unique service to help organisations cost-effectively comply with the international information security standard ISO/IEC 27001.
ISO27001 requires an organisation to develop an information security management system (ISMS) that takes into account ‘business and legal or regulatory requirements and contractual security obligations’. The new ITG ISO27001 Compliance Database and Update Service is the best way possible of meeting that requirement.
Alan Calder, Chief Executive of IT Governance, says: ‘As every ISMS project manager knows, trying to track down all the documents needed for ISO27001 compliance is challenging enough. Making sense of those documents is another battle. We not only gather the vital information into one place, we also make sure that your compliance obligations are explained in plain English.’
Critically, the ITG ISO27001 Compliance Database and Update Service helps any organisation to comply with five key ISO27001 Annex A controls, covering the identification of applicable legislation; intellectual property rights; the protection of organisational records; data protection and privacy of personal information; and the regulation of cryptographic controls. These five controls all impose specific requirements in terms of identifying and then remaining up-to-date with statutory, regulatory and contractual obligations.
As well as providing all the statutes and regulations relevant to the five key ISO27001 Annex A controls, the many other elements of the ITG ISO27001
Compliance Database and Update Service include:
• key international regulations and frameworks, such as European Union regulations and US ‘safe harbor’ provisions for data protection;
• easy-to-understand summaries of statutes and regulations, as well as links to the full texts;
• the ability to create a compliance audit trail, and;
• a schedule of data retention requirements, by document type.
Subscribers to the service will receive monthly database updates, including information about changes to (or new) statutes and regulations, together with implementation guidance and links to relevant ISO27001 Annex A
Calder concludes: ‘Put simply, the ITG ISO27001 Compliance Database and Update Service saves you time, money and stress. What more could you want?’
The ITG ISO27001 Compliance Database and Update Service can be bought online at: www.itgovernance.co.uk. A one-year service subscription costs £395 ($589.49/€434.43), with a three-year subscription available for £1,095. A pre-launch 10% discount price is available for orders placed before September 30 2010.