When can we talk about implementing an Information Security Management System, according to ISO 27001?

Main Article Content

Mr. Mustapha BOUZIANI , Ms. Meriam MERBAH , Ms. Malika TISKAR , Mr. Aziz ET-TAHIR , Mr. Abdelaziz CHAOUCH


Information Technology is developing at a high pace, but it remains vulnerable to various threats
targeting its integrity, confidentiality and availability. Each organization or institution projects its strategic vision for security concerns by focusing on the information system and risk management. Information security or ISMS is at the heart of this strategy and has become a major issue in information systems management. To this end, it is necessary to know and understand the subject of the implementation of an Information Security Management System according to ISO 27001, which aims to protect any institution or organization from possible loss, theft or alteration of data. This procedure not only defends and preserves the computer systems against intrusions or disasters but also ensures its survival. This standard gives the conceptual good practices which are established to supplement the technical measures thanks to its security norm ISO27002, in order to ensure a full-fledged security... Therefore, it is recommended to implement an ISMS based on ISO 27001 when risks related to the security of the company's data could come up.

Article Details