Which standards should I implement? (Part I)



In a previous SiTF newsletter, we uncovered how Standards make an impact on individual industries and the benefits they bring to businesses. This time, we will examine in depth some common Standards in the ICM industry that your organization can choose to adopt.

 

A. Common Standards implemented in the ICM industry

 

The two most popular and recognized Standards across the world are ISO/IEC 27001 and ISO 9001. ISO/IEC 27001 global certifications grew 20 percent in 2015, with the East Asia-Pacific and Europe regions having the largest share of total certifications. ISO 9001 is common due to its use across all industries, and over 1 million companies in 170 countries are certified.

 

Standard: ISO/IEC 27001, Information Security Management Systems (ISMS)

What is it? A method that systematically manages sensitive information to ensure data security. It employs a risk management process to manage people, processes and IT systems.

Standard: ISO 9001, Quality Management

What is it? A standard that establishes a quality management system to ensure products and services are of consistently high quality. Customer satisfaction is also stressed as part of quality assurance and helps businesses constantly improve.

 

 

B. How do these individual Standards help ICM companies? What can they be applied to?

 

 

Standard: ISO/IEC 27001, Information Security Management Systems (ISMS)

How does it help? Small, medium and large enterprises from all industries will benefit from a secure information system that ensures their assets and client information are kept confidential.

What can it be applied to? ICT systems, financial information, intellectual property, employee details and client data.

Standard: ISO 9001, Quality Management

How does it help? Businesses grow in effectiveness, which drives down internal costs and raises customer satisfaction. It supports ready expansion into new markets, as clients and various sectors commonly expect ISO 9001 in order to do business.

What can it be applied to? Business objectives, customer satisfaction, supply chain process, organisation risks, business opportunities and productivity levels.

 

In the next issue, we look at two other standards: SS 584, which is a cloud security standard, and SS 507, which impacts ICT Disaster Recovery Service Providers.

 



Contributed by Arcis Communications


SiTF PR Agency

Published date: 12 Oct 2017