By Adam Turteltaub

ISO 27001 is the leading standard for information security management systems. As Mel Blackmore, CEO of UK-based Blackmores explains, it is a framework that applies and is of value regardless of an organization’s size, sector or country.

Organizations seek ISO 27001 certification to ensure that their IT security reflects best practices. It also brings to organizations a systematic approach to work in this area. In addition, potential business partners will have greater confidence that your organization has robust data defenses.

Most organizations have a head start when it comes to becoming ISO 27001 certified. Many existing IT security practices are likely to be consistent standards. To get the rest of the way to certification, she outlines several steps including:

Determine where your organization is already compliant

Conduct a gap analysis

Performing a risk assessment

Creating policies and procedures

Listen in to learn more about meeting this important ISO standard and what it will take to maintain certification.