What is ISO 27001?
ISO 27001 (ISO 27001:2013) is an international standard for the implementation of a best practice Information Security Management System (ISMS). ISO 27001 accreditation requires an organization to bring information security under explicit management control. To achieve ISO 27001, organizations are formally audited and certified. Whilst not every organization will accredit to ISO 27001, many organizations globally use the standard to measure their security policies, processes and controls to ensure that:
- Data handling practices comply with security requirements and sensitive data is protected and managed according to established policies
- User activities comply with appropriate access and usage of sensitive data
- Data at rest and in transit is encrypted, protecting sensitive information from unauthorized access and ensuring compliance with cryptographic controls
- Detailed logs and audit trails are maintained, ensuring that all actions are recorded and anomalies can be detected promptly
- Data transfers are secure and comply with security policies, preventing unauthorized interception or access during transmission
Fortra’s Digital Guardian can help you comply with ISO 27001
Fortra's Digital Guardian can support ISO 27001 compliance through the following features: