{"id":3240,"date":"2024-07-08T08:02:48","date_gmt":"2024-07-08T06:02:48","guid":{"rendered":"https:\/\/www.savelan.fi\/?p=3240"},"modified":"2024-08-06T09:50:01","modified_gmt":"2024-08-06T07:50:01","slug":"iso-27001-information-security-management-system-basics","status":"publish","type":"post","link":"https:\/\/www.savelan.fi\/en\/iso-27001-information-security-management-system-basics\/","title":{"rendered":"ISO 27001 Information Security Management System Basics"},"content":{"rendered":"<p>ISO 27001 is an essential tool for managing information security. It allows organisations to ensure the confidentiality, integrity and availability of data. Compliance with the standard improves an organisation's information security practices and helps meet regulatory requirements. But what is it all about?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What is ISO 27001?<\/h2>\n\n\n\n<p>ISO 27001 is the international standard for information security management. It has been developed in cooperation with the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO 27001 provides organisations with a systematic approach to information security management.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>The ISO 27001 standard specifies the requirements for an Information Security Management System (ISMS).<\/em><\/p>\n<\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">Information Security Management System (ISMS)?<\/h2>\n\n\n\n<p>ISMS (Information Security Management System) is a system that helps organisations protect their information and manage information security risks. It covers people, processes and technology. 
<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What are the ISO 27001 requirements?<\/h2>\n\n\n\n<p>The requirements of ISO 27001 can be broken down into several key categories to help an organisation build and maintain an information security management system.<\/p>\n\n\n<figure class=\"wp-block-kadence-image kb-image3240_35366b-3d size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"563\" src=\"https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-vaatimukset-tietoturvakonsultti-Lauri-Jurvanen-SAVE-LAN.png\" alt=\"ISO 27001 requirements Security Consultant Lauri Jurvanen SAVE LAN\" class=\"kb-img wp-image-3273\" srcset=\"https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-vaatimukset-tietoturvakonsultti-Lauri-Jurvanen-SAVE-LAN.png 1000w, https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-vaatimukset-tietoturvakonsultti-Lauri-Jurvanen-SAVE-LAN-300x169.png 300w, https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-vaatimukset-tietoturvakonsultti-Lauri-Jurvanen-SAVE-LAN-768x432.png 768w, https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-vaatimukset-tietoturvakonsultti-Lauri-Jurvanen-SAVE-LAN-18x10.png 18w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n\n\n<p class=\"kt-adv-heading3240_1b52c9-2e wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3240_1b52c9-2e\"><strong>Here are the ISO 27001 requirements broken down into main categories:<\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">01. Organisational requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Leadership and management commitment<\/strong>: Senior management involvement in information security management.<\/li>\n\n\n\n<li><strong>Defining the operating environment<\/strong>: Defining the scope of the ISMS and the requirements of stakeholders.<\/li>\n\n\n\n<li><strong>Security policy<\/strong>: Developing and communicating a clear information security policy.<\/li>\n\n\n\n<li><strong>Roles and responsibilities<\/strong>: Defining security roles and responsibilities.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">02. Risk management requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Risk management<\/strong>: Identifying, assessing and managing information security risks.<\/li>\n\n\n\n<li><strong>Statement of Applicability<\/strong>: Documentation of the security controls used.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">03. Checks and measures<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Security controls<\/strong>: Implementation of technological, administrative and physical controls.<\/li>\n\n\n\n<li><strong>Property to be protected<\/strong>: Definition of the property to be protected and allocation of responsibilities.<\/li>\n\n\n\n<li><strong>Disruption management<\/strong>: Developing contingency plans for security breaches.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">04. Monitoring and evaluation<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Internal audits<\/strong>: Regular audits of the information security management system to ensure compliance.<\/li>\n\n\n\n<li><strong>Management reviews<\/strong>: ISMS performance assessment in management reviews.<\/li>\n\n\n\n<li><strong>Metrics<\/strong>: Using security metrics to assess performance.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">05. Continuous improvement and documentation<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Continuous improvement<\/strong>: Incident handling and continuous improvement of security.<\/li>\n\n\n\n<li><strong>Documentation<\/strong>: Documenting information security policies and processes.<\/li>\n\n\n\n<li><strong>Education and awareness raising<\/strong>: Staff training and security awareness.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">06. Business continuity management<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Business continuity management<\/strong>: Plans and processes to ensure business continuity in the event of disruption.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Benefits of ISO 27001 certification for business<\/h2>\n\n\n<figure class=\"wp-block-kadence-image kb-image3240_c6f0e2-6d size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"450\" src=\"https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-Sertifikaatti-.png\" alt=\"ISO 27001 Certificate\" class=\"kb-img wp-image-3270\" srcset=\"https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-Sertifikaatti-.png 800w, https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-Sertifikaatti--300x169.png 300w, 
https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-Sertifikaatti--768x432.png 768w, https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-Sertifikaatti--18x10.png 18w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/figure>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Improved security<\/strong>: The certificate helps to protect your organisation's data effectively and reduce security risks.<\/li>\n\n\n\n<li><strong>Regulatory compliance<\/strong>: Ensure that the organisation meets legal and regulatory requirements.<\/li>\n\n\n\n<li><strong>Customer confidence<\/strong>: Increase customer and stakeholder confidence in your organisation's security practices.<\/li>\n\n\n\n<li><strong>Competitive advantage<\/strong>: Improve the reputation and competitive position of the organisation in the market.<\/li>\n\n\n\n<li><strong>Business continuity<\/strong>: Improve business continuity and resilience to security breaches.<\/li>\n\n\n\n<li><strong>Process efficiency<\/strong>: Improve security processes and resource management.<\/li>\n<\/ol>\n\n\n\n<p>These benefits make ISO 27001 a valuable investment for organisations looking to strengthen their security and improve their operations.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Who is ISO 27001 certification suitable for?<\/h2>\n\n\n\n<p>ISO 27001 certification is suitable for a wide range of organisations, especially those that handle sensitive information and want to ensure the security of their data. 
The certification is particularly useful for:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>IT companies<\/strong> that handle large amounts of data and provide security-related services.<\/li>\n\n\n\n<li><strong>Financial services companies<\/strong> that manage the financial information of their customers.<\/li>\n\n\n\n<li><strong>Healthcare organisations<\/strong> that process patient data and other confidential information.<\/li>\n\n\n\n<li><strong>Public administration organisations<\/strong> that need security certification to demonstrate compliance.<\/li>\n\n\n\n<li><strong>All organisations that want to improve their security practices and trustworthiness in the eyes of their customers and stakeholders<\/strong>.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Overview of the ISO 27001 certification process<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Preparing for certification: the first steps towards certification<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Initial assessment<\/strong>: Identify the current security posture of the organisation and determine the scope of the certification process.<\/li>\n\n\n\n<li><strong>Gap analysis<\/strong>: Identify which areas of the standard are not yet met and which areas need improvement.<\/li>\n\n\n\n<li><strong>Project plan<\/strong>: Draw up a detailed plan of the necessary measures and timetables.<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Certification audit: external audit and certification process<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Step 1: Checking the documentation<\/strong>: The certification body checks the ISMS documentation to ensure that it meets the requirements of ISO 27001.<\/li>\n\n\n\n<li><strong>Step 2: On-site audit<\/strong>: The certification body assesses the practical implementation of the ISMS in the organisation. 
This includes interviews, process review and verification.<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Maintenance of certification: ongoing compliance maintenance<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Continuous monitoring<\/strong>: Regular internal audits and management reviews to ensure ISMS effectiveness and compliance.<\/li>\n\n\n\n<li><strong>Re-audits<\/strong>: Periodic re-audits are carried out by the certification body (usually annually) to ensure continuous compliance and improvement.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">How do ISO 27001 and the NIS2 Directive differ?<\/h2>\n\n\n\n<p>ISO 27001 is an international information security management system standard that helps organisations protect their data and manage information security risks. The <a href=\"https:\/\/www.savelan.fi\/en\/nis2-directive-2\/\" data-type=\"page\" data-id=\"3408\"><strong>NIS2 Directive<\/strong><\/a> (Network and Information Security Directive 2) is a European Union directive that sets requirements for the security and resilience of network and information systems in the Member States. 
<\/p>\n\n\n<h5 class=\"kt-adv-heading3240_1036c0-be wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3240_1036c0-be\">In the table below you will find similarities and differences:<\/h5>\n\n\n\n<!DOCTYPE html>\n<html lang=\"fi\">\n<head>\n    <meta charset=\"UTF-8\">\n    <title>ISO 27001 vs NIS2<\/title>\n    <style>\n        table {\n            width: 100%;\n            border-collapse: collapse;\n        }\n        th, td {\n            border: 1px solid #dddddd;\n            text-align: left;\n            padding: 8px;\n        }\n        th {\n            background-color: #f2f2f2;\n        }\n    <\/style>\n<\/head>\n<body>\n    <table>\n        <tr>\n            <th>Criterion<\/th>\n            <th>ISO 27001<\/th>\n            <th>NIS2<\/th>\n        <\/tr>\n        <tr>\n            <td>Objectives<\/td>\n            <td>Improve the security of your organisation<\/td>\n            <td>Strengthening the security and resilience of network and information systems in EU Member States<\/td>\n        <\/tr>\n        <tr>\n            <td>Scope<\/td>\n            <td>Organisational security policies<\/td>\n            
<td>Critical infrastructure and network and information systems<\/td>\n        <\/tr>\n        <tr>\n            <td>Compliance<\/td>\n            <td>Certification demonstrates compliance with security standards<\/td>\n            <td>Legal requirements that may require specific measures to be met<\/td>\n        <\/tr>\n        <tr>\n            <td>Scope<\/td>\n            <td>International standard<\/td>\n            <td>EU-wide directive<\/td>\n        <\/tr>\n        <tr>\n            <td>Target groups<\/td>\n            <td>All organisations, especially those dealing with sensitive data<\/td>\n            <td>Member States, critical infrastructure operators and digital service providers<\/td>\n        <\/tr>\n        <tr>\n            <td>Coherence and cooperation<\/td>\n            <td>Helping organisations meet regulatory requirements, such as NIS2<\/td>\n            <td>Directive whose requirements can be supported by an ISO 27001 compliant ISMS<\/td>\n        <\/tr>\n    <\/table>\n<\/body>\n<\/html>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Frequently asked<\/h2>\n\n\n<div class=\"wp-block-kadence-accordion alignnone\"><div class=\"kt-accordion-wrap kt-accordion-id3240_467139-fe kt-accordion-has-3-panes kt-active-pane-0 kt-accordion-block kt-pane-header-alignment-left kt-accodion-icon-style-arrow kt-accodion-icon-side-right\" style=\"max-width:none\"><div class=\"kt-accordion-inner-wrap\" data-allow-multiple-open=\"false\" data-start-open=\"none\">\n<div class=\"wp-block-kadence-pane kt-accordion-pane kt-accordion-pane-1 kt-pane3240_b81811-2e\"><div class=\"kt-accordion-header-wrap\"><button class=\"kt-blocks-accordion-header kt-acccordion-button-label-show\"><span class=\"kt-blocks-accordion-title-wrap\"><span class=\"kt-blocks-accordion-title\">What is ISO\/IEC 27000?<\/span><\/span><span class=\"kt-blocks-accordion-icon-trigger\"><\/span><\/button><\/div><div class=\"kt-accordion-panel kt-accordion-panel-hidden\"><div class=\"kt-accordion-panel-inner\">\n<p>ISO\/IEC 27000 is a family of information security standards that provides a comprehensive framework for information security management systems (ISMS). It covers terminology, principles and best practices for managing information security, helping organisations to protect their information effectively and meet regulatory requirements.<\/p>\n<\/div><\/div><\/div>\n\n\n\n<div class=\"wp-block-kadence-pane kt-accordion-pane kt-accordion-pane-3 kt-pane3240_572e1a-cf\"><div class=\"kt-accordion-header-wrap\"><button class=\"kt-blocks-accordion-header kt-acccordion-button-label-show\"><span class=\"kt-blocks-accordion-title-wrap\"><span class=\"kt-blocks-accordion-title\">ISO 27001 background and history in brief<\/span><\/span><span class=\"kt-blocks-accordion-icon-trigger\"><\/span><\/button><\/div><div class=\"kt-accordion-panel kt-accordion-panel-hidden\"><div class=\"kt-accordion-panel-inner\">\n<h4 class=\"wp-block-heading\">ISO and IEC cooperation&nbsp;<\/h4>\n\n\n\n<p>ISO 27001 has been developed in cooperation with the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). 
The development of the standard started from the need to create a coherent and international framework for information security management. The first version was published in 2005 and provided a framework for organisations to effectively manage their information security risks.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">ISO\/IEC 27001:2013 update&nbsp;<\/h4>\n\n\n\n<p>In 2013, a major update, ISO\/IEC 27001:2013, was published, bringing a number of improvements and changes, including a more risk-based approach and compatibility with other management system standards such as ISO 9001 and ISO 14001. The most recent changes have focused on improving the applicability of the standard to organisations of different sizes and types, as well as enhancing continuous improvement and risk management.<\/p>\n\n\n\n<p>ISO\/IEC 27001:2013 makes it easier than ever for organisations to integrate security management into their wider management system, increasing the effectiveness of their overall risk management and ensuring a high level of security.<\/p>\n<\/div><\/div><\/div>\n<\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>ISO 27001 is an essential tool for managing information security. 
It enables organisations to ensure the confidentiality, integrity and availability of data...<\/p>","protected":false},"author":11,"featured_media":3244,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":""},"categories":[14],"tags":[],"class_list":["post-3240","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uutiset"],"acf":[],"taxonomy_info":{"category":[{"value":14,"label":"Uutiset"}]},"featured_image_src_large":["https:\/\/www.savelan.fi\/wp-content\/uploads\/2024\/07\/ISO-27001-Standardi-Tietoturvakonsultti-Lauri-Jurvanen-Savelan-selittaa-1024x448.jpg",1024,448,true],"author_info":{"display_name":"Lauri 
Jurvanen","author_link":"https:\/\/www.savelan.fi\/en\/author\/lauri-jurvanen\/"},"comment_info":0,"category_info":[{"term_id":14,"name":"Uutiset","slug":"uutiset","term_group":0,"term_taxonomy_id":14,"taxonomy":"category","description":"","parent":0,"count":5,"filter":"raw","cat_ID":14,"category_count":5,"category_description":"","cat_name":"Uutiset","category_nicename":"uutiset","category_parent":0}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/www.savelan.fi\/en\/wp-json\/wp\/v2\/posts\/3240","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.savelan.fi\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.savelan.fi\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.savelan.fi\/en\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/www.savelan.fi\/en\/wp-json\/wp\/v2\/comments?post=3240"}],"version-history":[{"count":0,"href":"https:\/\/www.savelan.fi\/en\/wp-json\/wp\/v2\/posts\/3240\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.savelan.fi\/en\/wp-json\/wp\/v2\/media\/3244"}],"wp:attachment":[{"href":"https:\/\/www.savelan.fi\/en\/wp-json\/wp\/v2\/media?parent=3240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.savelan.fi\/en\/wp-json\/wp\/v2\/categories?post=3240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.savelan.fi\/en\/wp-json\/wp\/v2\/tags?post=3240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}