Which standards should I implement? (Part I)

In a previous SiTF newsletter, we uncovered how Standards make an impact on individual industries and the benefits they bring to businesses. This time, we will examine in depth some common Standards in the ICM industry that your organization can choose to adopt.


A. Common Standards implemented in the ICM industry


The two most popular and recognized Standards across the world are ISO/IEC 27001 and ISO 9001. ISO/IEC 27001 global certifications grew 20 percent in 2015, with the East Asia-Pacific and Europe regions having the largest share of total certifications. ISO 9001 is common due to its use across all industries and over 1 million companies in 170 countries are certified.



ISO / IEC 27001

Information Security
Management Systems (ISMS)

ISO 9001

Quality Management

What is it?

A method that systematically manages sensitive information to ensure data security. It employs
a risk management process to manage people, processes and IT systems.


A standard that establishes a quality management system to ensure products and services have consistent high quality. Customer satisfaction is also stressed as part of the quality assurance and helps businesses constantly improve.



B. How do these individual Standards help ICM companies? What can they be applied to?




ISO / IEC 27001

Information Security
Management Systems (ISMS)


ISO 9001

Quality Management

How does it help?

Small, medium and large enterprises from all industries
will benefit from a secure information system that ensures its assets and client information
is kept confidential.

Businesses grow in effectiveness which drives down internal costs and raises customer satisfaction. It supports ready expansion into new markets as ISO 9001 is commonly expected from clients and various sectors to do business.

What can it be applied to?

ICT systems

Financial information

Intellectual property

Employee details

Client data


Business objectives

Customer satisfaction

Supply chain process

Organisation risks

Business opportunities

Productivity levels


In the next issue, we look at two other standards – SS584 which is a cloud security standard, and the SS 507 which impacts ICT Disaster Recovery Service Providers.












Contributed by Arcis Communications

SiTF PR Agency

Published date: 12 Oct 2017