Best practice business certification in organisational operations creates sustainable and productive business outcomes.
ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes.
ISO 27001 was developed to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an information security management system.”
ISO 27001 uses a top down, risk-based approach and is technology-neutral.
ASTAL also provides direct consultancy for certification and audit preparation as well as tools in operation for:
- ISO 9001 Quality Management Systems (QMS) standard
- AS/NZ AS4801 ISO18001 Health and Safety Management System
- ISO14001 Environmental Management System