srijeda, 07.03.2012.
Identity Management Solutions Access
Security Management can be an demonstration of best practice in information security regarding any business, whatever the size, and can cause important cost benefits.
The particular international standard ISO 27001 covers the design, setup, keeping track of together with improvement associated with an information security management system. It can be cast in general terms, applied to your dimensions of organisation, and is also dependent upon human expertise regarding the application in a very specific case. The sister standard, ISO 27002, is often a code of practice for identity management, typically applied in addition to the idea.
Since its publication, there has been an expanding dependence on ISO 27001 security management on the part of companies, specially those that are be subject to rules in this area.
You will find a great deal of ISO 27001 security strategies, along with the details will vary derived from one of organisation to the next. Not every firm will demand almost all probable identity management countermeasures. Small firms, especially, may require merely a the least treatments and technology for being compliant using the standard. This will make it even more critical that a firm's information security management must be done by somebody with expertise and experience of each the particular ISO 27001 standard along with the field involving identity management within general, since the standard itself (intentionally) gives little or no guidance as to how to apply it to certain situations.
So the issue after that becomes one of possibly developing an in-house ISO 27001 function, or hiring specialist expertise from a security firm. Many elements select which is the greatest solution for your business, such as: the dimensions of your business, the particular skill-sets of existing employees, the complexness of your computers and networks, what regulations the business can be subject to, and (of course) the accessible budget.
For larger organisations, it can be much more cost-effective to build up their own in-house function for undertaking ISO 27001 security management, which can after that be a resource for all those additional parts of the company. This is applicable get the job done company is multinational, ever since the ISO 27001 standard is an international one.
When it comes to smaller companies, even so, it will be challenging to justify committing considerable resource to your function which is not necessarily a core business process. It may be more cost-effective to outsource their ISO 27001 security management to your specialist information security firm, particularly when information security requirements tend to be fairly straightforward. This sort of management solution may avoid the have to hire a full-time dedicated employee at a professional-level salary, and will also minimise the necessity to buy specialised software.
Whichever the sort of solution, appropriate ISO 27001 security management can lead to cost savings:
It's clear that security management can be a main element of information security for any business, whatever it's size, as well as should be used seriously - not least as it can result in significant cost savings.
- 12:34 -
