Trading up

The importance and business benefits of ISO 27001 were underlined before Christmas by UK Government minister the Rt. Hon Alun Michael MP, Minister of State for Industry and the Regions.

Speaking at the fourth annual international ‘7799 Goes Global Conference’, he welcomed the launch of ISO 27001, saying, “The standard is a valuable tool that all organisations, including the DTI [Department of Trade & Industry], can use to manage the security of their information assets as a core business activity. This can bring information security into the mainstream of good business practice…Secure information should be at the heart of business thinking and not a technical issue. The standard will be used as a benchmark and will help suppliers and customers have greater confidence in doing business with each other.”

All spot on, and very good to see the Government supporting this. But what if your company is already certified to BS 7799-2: 2002, which the new standard has superseded? Such companies will need to convert to ISO 27001 on a timetable decided by their national accreditation bodies, but the good news is that the benefits significantly outweigh the additional work. Upgrading will both improve companies’ security through the improvements of ISO 27001 over BS 7999 and enable them to benefit from the greater international recognition of the new standard from customers and partners.

To help manage the transition to the new standard smoothly and cost-effectively we have launched an ISO 27001 Converter Kit. This guides you through the changes that must be implemented by mapping new controls to old ones and identifying all the key amendments. It can be purchased online and downloaded for £44.95 from IT Governance Limited here.