|
|
|
|
 |
|
|
 |
ISO/IEC 27001 is an auditable international standard which defines the requirements for a company’s Information Security Management System (ISMS). The standard is designed to ensure the selection of adequate and proportionate security controls, and is the only such standard currently in existence.
Information is critical to the operation and perhaps even the survival of every organization. By being certified to ISO/IEC 27001, NICE manages and protects its valuable information assets.
NICE was first registered as ISO/IEC 27001 compliant in April 2007, and has received regular surveillance audits since then.
This helps the company to protect its information assets and gives additional confidence to any interested parties, especially, of course, our customers. The standard requires NICE to adopt a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving our ISMS.
ISO/IEC 27001 is also highly important because NICE manages information on behalf of our customers, and accreditation helps to assure them that their information is being properly protected.
The ISO/IEC 27001 benefits for NICE include:
- Independently demonstrating and assuring that the company’s internal controls meet corporate governance and business continuity requirements.
- Independently demonstrating that applicable laws and regulations are observed in order to protect company information (internal and external).
- Demonstrating to our customers that the security of their information is paramount.
- Independently verifying that any company risks are properly identified, assessed and managed, while formalizing information security processes, procedures and documentation.
- Proving that NICE's management is committed to the security of its information.
A regular assessment process is part of ISO/IEC 27001, and helps the company to monitor performance on an ongoing basis.
More information on ISO-27001 is available here.
|
|
|
|
|
|
