Skip navigation

Sage Hostingpowered by Paradise Computing Ltd PARADISE Logo
 

What Is ISO27001 & Does It Matter?

ISO27001:2005 is the internationally recognised certification for DATA SECURITY. This assures you that:

  • The company running the centre have developed an Information Security Management System (ISMS) which has been successfully tested and audited by an external auditor.
  • Proper thought has been given to all aspects of data security, including physical and environmental issues as well as digital and electronic threats.
  • That the company regularly reviews it's procedures and policies to ensure it is current.

Eleven areas are covered within ISO 27001:2005.

  • Information Security Policy - Is there management direction and a written policy to provide support and direction for information security activities?
  • Organisational Security - Is there an infrastructure to manage security within the organisation? - includes management forum and processes, third party access and outsourced arrangements
  • Asset Management - Are organisational assets protected? - Includes inventory and classification
  • Human Resources Security - Are the risks of human error or fraud reduced? - Includes personnel screening and T&C's, security training and incident reporting
  • Physical and Environmental Security - Is unauthorised access to business premises controlled? - Includes physical security, secure areas, equipment security, maintenance and disposal.
  • Communications and Operations Management - Are information processing facilities operated in a correct and secure manner – Includes operating procedures and change control, system planning, protection against malicious software, backup, media handling, information exchange, and email security.
  • Access Control - Is access to business information and processes controlled on the basis of business and security requirements? - Includes user and password management, mobile users, access to applications and network services.
  • Information Systems - Is security is built into information systems? - Includes development and support processes, cryptography and data validation.
  • Incident management - Are events and weaknesses reported, and are events consistently managed?
  • Business Continuity - Are critical business processes protected from the effects of major failures or disasters?
  • Compliance - Does the firm take measures to avoid breaches of law, statutory , regulatory or contractual obligations
Paradise & ISO27001
Paradise is audited by BSi and has been certified since 2006 having been found to meet the ISO 27001:2005 standard.
In addition to providing a world-standard service this enables Paradise to provide you with a copy of our certification which can help greatly with issues of compliance to quality systems.
Paradise Hosting Centre
Click here to return to the Sage Cloud Hosting home page Benefits click here to see why you want Sage in the cloud Technical: Click here for technical information about Sage in the cloud Case Studies: Click here to see how others have made the move to the cloud ISO27001:2005: Click here for information on the ISO Certification Sage 200 Rental: Click here to learn how to rent Sage 200 instead of buying it Sage 200 CRM: Click here to learn learn more about how to benefit from Sage CRM on the cloud Click here to view our library of techniques used to address issues with hosting Sage systems in the cloud Click here to contact us regarding Sage systems in the cloud