ISO 27001 FAQ

ISO 27001 Certification - FAQ

The following information will help you understand in sufficient detail why ISO 27001 certification is important and how it helps to demonstrate our commitment to providing a secure infrastructure for your business-critical applications and data.

What is ISO 27001 certification?

ISO 27001 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO 27002 best practice guidance. This is a widely-recognized international security standard in which our customers showed interest. Certification in the standard requires us to:

  • Systematically evaluate our information security risks, taking into account the impact of company threats and vulnerabilities
  • Design and implement a comprehensive suite of information security controls and other forms of risk management to address company security risks
  • Adopt a management process to ensure that the information security controls meet our information security needs on an ongoing basis

The key to the ongoing certification under this standard is the effective management of a rigorous security program. The Information Security Management System (ISMS) required under this standard defines how we perpetually manage security in a holistic, comprehensive way. The ISO 27001 certification is specifically focused on the MCS Ltd Network and Security Services Division ISMS and measures how our internal processes follow the ISO standard. Certification means a third-party accredited independent auditor has performed an assessment of our processes and controls and confirms they are operating in alignment with the comprehensive ISO 27001 certification standard.

How does this certification impact MCS Ltd?

The accredited division of MCS Ltd welcomes the ISO 27001 standard and best practices. The certification confirms our longstanding commitment to the security of our services to our customers. Going through the certification process confirms that we are addressing each element of the ISO standard and that our management practices follow internationally-recognized best practices.

What does this mean to you as a customer?

Our ISO 27001 certification demonstrates our commitment to information security at every level. Compliance with this internationally-recognized standard, validated by an independent third-party audit, confirms that our security management program is comprehensive and follows leading practices. This certification provides more clarity and assurance for customers evaluating the breadth and strength of our security practices.

Who is the certifying agent?

The British Standards Institution (BSI) is the National Standards Body of the UK, with a globally recognized reputation for independence, integrity and innovation in the production of standards that promote best practice. It develops and sells standards and standardization solutions to meet the needs of business and society.

Can a copy of the ISO 27001 standard be provided?

You may purchase a copy online from various sources, such as the BSI website.
