ISO 27001 for DoD Contractors
Do you need information security management, or is your client requiring ISO 27001?
ISO 27001 can be implemented in any sector where confidentiality of data is crucial, for example DoD IT services, the commercial IT sector, banking, finance and healthcare.
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.
This International Standard has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The adoption of an information security management system is a strategic decision for an organization. The establishment and implementation of an organization’s information security management system is influenced by the organization’s needs and objectives, security requirements, the organizational processes used and the size and structure of the organization. All of these influencing factors are expected to change over time.
The information security management system