Information Security
International Organization for Standardization (ISO 27001)
Overview, Goals, and Scope
Synthèse
ISO 27001 provides an international methodology for implementing, managing, and maintaining information security within a company. This information security management system (ISMS) framework minimizes risk and ensures business continuity by proactively limiting the impact of a security breach. ISO 27001 is a globally recognized information security standard, with more than 40,000 organizations certified.
Goals
ISO 27001 compliance ensures that organizations protect their consumer and personal data. It is becoming increasingly important as regulatory requirements (such as the GDPR, HIPAA, and CCPA) are ubiquitous. In addition, ongoing risk assessments help identify security threats and vulnerabilities that need to be managed through a set of controls. ISO 27001 consists of 114 controls that provide a framework for identifying, treating, and managing information security risks.
Scope
- FortiGuard portfolio of security services
- FortiCloud portfolio of services
Key Principles
Protect your data, wherever it lives
Protects all forms of information, whether digital, paper-based, on-premises, or in the cloud.
Defend against cyber-attacks
Significantly reduce your organization’s cybersecurity and data breach risks.
Respond to evolving security threats
Compliant organizations are more agile and able to respond to evolving information about security risks.
Drive an information-security culture
Employees are more aware of information security risks, and security measures are wide-reaching across all facets of the organization.
Meet contractual obligations
Assures Fortinet’s and your organization’s commitment to information-security practice and compliance with information security measures across your supply chain.
