The ISO 27001 standard was published in October 2005, essentially replacing the old BS7799-2 standard. It is the specification for an ISMS, Information Security Management System. BS7799 itself was a long standing standard, first published in the nineties as a code of practice. As this matured, a second part emerged to cover management systems. It is this against which certification is granted. Today in excess of a thousand certificates are in place, across the world.
ISO 27001 enhanced the content of BS7799-2 and harmonized it with other standards. A scheme has been introduced by various certification bodies for conversion from BS7799 certification to ISO27001 certification.
The objective of the standard itself is to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System”.
Regarding its adoption, this should be a strategic decision. Further, “The design and implementation of an organization’s ISMS is influenced by their needs and objectives, security requirements, the process employed and the size and structure of the organization”.
The standard defines its ‘process approach’ as “The application of a system of processes within an organization, together with the identification and interactions of these processes, and their management”. It employs the PDCA, Plan-Do-Check-Act model to structure the processes.
QRS expresses great disappointment in informing all interested (staff, customers , Auditors (part time) friends ) of the withdrawal of our EIAC accreditation after the completion of a 3-year cycle and total 10 years of relations.
Any and all concerned individuals are informed of the withdrawal and the matter is being legally dealt with by QRS. QRS holds confidence in its proceedings and portrays no reluctance in taking action. Our company ensures all employees, customers and interested parties that adequate arrangements are in place and that QRS will continue to provide excellence in our services.
CEO of QRS extends comfort to all employees and stakeholders, stating "Only Allah has the right to give judgement on such matters and surely we will return to him hereafter' and staying hopeful about the company's future.
" I encourage everyone to trust in the higher power. May Allah keep us all safe and bring the justice we deserve"