ISO 27001

ISO/IEC 27001 (IT Information Management System) is an international standard which provides requirements for an Information Security System, necessary for any enterprise or state body keeping data and other confidential material.

Information Management System is a management system which covers the whole enterprise; it includes staff, procedures and IT systems. Moreover, this kind of system can be integrated in business operations of any type, size or field.

Prior to its implementation the enterprise should prepare a listed inventory of its information assets.

More specifically, an Information Management System incorporates the following:

• Risk Assessment

• Safety Policy

• Statement of Applicability

• Management procedures

• Business Continuity Plan

The implementation of an IMS carries many key benefits for the enterprise both in terms of internal operation as well as in relation to third parties. These include:

• Increased trust among the interested parties (customers, employees, associates, state bodies)

• Documented compliance with current legislation

• Enhancing the company’s credibility

• Securing managed information

• Continuous improvement opportunities through systemic inspections

• Cost reduction from direct and indirect expenditure (computer theft, information systems destruction, reputation, legal liabilities)

• Improve the brand’s image

• Achieve better terms and conditions in insurance companies contracts

• Hold a competitive advantage for any future agreement with the state sector

Samaras & Associates Ltd. possesses the experience and the ‘know-how’ in order to contribute substantially in the development of an Information Management System tailor-made to serve your organisation’s size, structure, data sensitivity and activities.