LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: ISO 27001, Information Security Management
From:	Jenny Evans <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Tue, 17 Jun 2008 13:26:59 +1000
Content-Type:	text/plain
Parts/Attachments:	text/plain (30 lines)

Hi Kathleen

I have worked for an organisation which acquired ISO 27001 certification.
The certification process was undertaken by a certifying body such as
Lloyds of London.

In the case of this organisation they sought certification on their data
centres as opposed to the entire network which they managed. This means
you can just certify part of the IT infrastructure.

One of the keys to certification was having an approved records policy and
procedures in place.

Just because an organisation is compliant does not mean their data does
not come with viruses.

There are questions which need to be asked. For example what risks were
accepted as part of the certification? What has been certified? Was it the
indexed items?

I hope this helps.

Regards
Jenny Evans

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US