ISO27001 Overview

arrow-down
arrow-down

Data Security

At Airangel we take security very seriously. In today’s fast moving society, people and businesses everywhere need to connect with each other. It is Airangel’s commitment to make that connection and the surrounding experience the very best it can be. In this age of interconnectivity and information sharing; if you do not have a robust and secure network system then you leave yourself open for attack. Airangel are fully committed to the ISO27001 Certification and pride ourselves on delivering the standards set by the program.

As an ISO27001 certified organisation we adhere to the objective to “provide requirements for establishing, implementing, maintaining and continuously improving an Information Security Management System (ISMS)”

We, as a company, have conducted widespread risk assessments which plan for events such as loss of emails, server issues and loss of data. Each have an extensive plan in case of an incident so that the company is prepared for any eventuality. Information security is suitably protected and we adhere to the three categories of information security:

* Confidentiality: ensuring that information is accessible only to those authorised to have access.

* Integrity: safeguarding the accuracy and completeness of information and processing methods.

* Availability: ensuring that authorised users have access to information and associated assets when required.

All areas of Airangel are committed to reinforcing these standards and we are consistently looking at ways to improve upon our information management system.

More about ISO27001

ISO27001 is a specification for an information security management system (ISMS). An ISMS is a framework of policies, procedures that includes all legal, physical, technical controls involved in an organisations information risk management process.

ISO27001 was developed to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improve information security management system”

ISO27001 specifications defines a six-part planning process

1) Define security policy

2) Define scope of the ISMS

3) Conduct a risk assessment

4) Manage identifiable

5) Select control objectives and controls to be implemented

6) Prepare a statement of applicability

ISO27001 uses a top down, risk based approach and is technology neutral

Specification includes details for documentation, management responsibility, internal audits, continual improvement, corrective and preventive action

Standard requires cooperation among all sectors of organisations