• +90 212 702 00 00
  • +90 532 281 01 42
  • I info@muayene.co
trarbgzh-TWenfrkadefaru

ISO 27001 Information Security Management System

In both the world and in our country, information technologies are becoming widespread and usage is rapidly expanding. However, there are some deficiencies in the effective use of these technologies in our country. Especially in our country, information technologies and the importance of information, which is the main ingredient of these technologies, have begun to be understood. What is knowledge and what kind of potential is new is understood. However, it is an entity that has left its mark on the era we are in. Today, knowledge seems to have come to the fore due to the use of technology, but in fact it has a key role from the moment humanity exists and will always have a key role in shaping the future.

Advancing in the information age is like climbing up the stairs by pressing the steps of a ladder. It is easier to share data and information on the lower rungs of the stairs. In this step, people or employees are more open to sharing information. However, when it is raised, the information starts to be valued and the sharing is now more difficult.

The data corresponds to the data expression in English (Latin datum, plural data). Euclid, the mathematician in 300, used data in one of his works. Data is a raw, unprocessed form of knowledge. Information is the way data is arranged to have a meaning. Or processed data.

Thanks to the rapid information processing and communication tools provided by technology today, the production, storage, preservation, use, dissemination, sharing, interaction and increase of information have gained tremendous speed. Especially the contribution of the Internet in this extremely large. The way people communicate, work and meet their daily needs is in a constant state of transformation.

The size, transport and storage of the information produced are among the most important issues of our day. The information produced is stored in paper, film, magnetic and optical storage media and transmitted using electronic channels, especially the Internet.

All of the printed collection stored in the American Congress Library has an information capacity of 10 tera bytes. However, the information capacity produced and stored in 2002 is one hundred thousand times that. 92 of this information is usually stored on hard disks. 98 of this information was sent and received via mobile phones. The percentage 10 was streaming over the Internet.

Nowadays, people are bombarded with intense information. For this reason, it is important to use selective methods to reach information and to access the information that is desired to be accessed directly. Another important point is to ensure the safety of information.

Information security is the work carried out with the aim of ensuring that the information stored in the electronic environment is not compromised during the storage and transportation, to protect it from unauthorized access and to provide a reliable information processing environment. An appropriate security policy must be identified and implemented. These policies are aimed at interrogating information-oriented activities, monitoring access, recording and evaluating the changes, and restricting the deletion of information. The counterparty is considered malicious in terms of information security. These are hackers or aggressive people.

In 2005, ISO / IEC 27001 standard has been published by the International Organization for Standardization (ISO) to provide information security. The basis of this standard is the BS 7799 standard published by the British Standards Institute. A few of the standards that make up the Information Security Management System are:

  • TS EN ISO / IEC 27000 Information technology - Security techniques - Information security management systems - Overview and dictionary
  • TS EN ISO / IEC 27001 ... Requirements
  • TS EN ISO / IEC 27002 ... Application for information security controls
  • TS ISO / IEC 27003 ... Information security management system implementation guide
  • TS ISO / IEC 27005 ... Information security risk management
  • TS ISO / IEC 27006 ... Requirements for organizations engaged in the inspection and certification of information security management systems
  • TS ISO / IEC 27007 ... Guidance for information security management systems audit
  • TS ISO / IEC 27008 ... Information security controls guide for auditors
  • TS ISO / IEC 27014 ... Information security governance
  • TS ISO / IEC 27015 ... Information security guide for financial services

 

 

Certification Services