Open AccessBest Practices of Auditing in an Organization using ISO 27001 Standard
Publication year - 2019
Publication title -
international journal of recent technology and engineering
Language(s) - English
Resource type - Journals
ISSN - 2277-3878
DOI - 10.35940/ijrte.b1128.0782s319
Subject(s) - information security management system , itil security management , standard of good practice , information technology infrastructure library , audit , information security , process (computing) , business , information security management , best practice , process management , knowledge management , information technology , engineering management , computer science , computer security , engineering , accounting , management , cloud computing , security service , cloud computing security , security information and event management , network security policy , economics , operating system
In recent year with the intensive use of the information technologies, data security has been turned into a critical and important issue in organizational management. Various Standard and rules are there for the security of Information, for example, ISO/IEC 27001, ISO/IEC 27002. However, organization face different challenges for implementing the standard. In this paper, we present the status of the ISO/IEC 27001 execution process in a Small and Medium Sized Enterprise. By executing ISO 27001, organization got the chance to prove authenticity and show the clients that the organization is working according to recognized best practices. It helped the organization "IKSC Knowledge Bridge Pvt Ltd." in reducing cost, risks, and increases the brand value. The outcomes obtained conclude not just the need to think about the technical, legal aspects of organization but also those related to people like training, knowledge, create awareness, to achieve a successful management of information security