Security Watch | Matt Hines

May 15, 2006 | Comments: (0)

Is ISO 27001 the new ISO 9001?

I've just heard that the Federal Reserve Bank of New York has become the first organization in North America to be certified to the new ISO 27001 global standard for information security best practices.

I'm wondering whether the Fed's certification will cause others to join in on this information security benchmark - hopefully it will.

While I believe standardization is usually good, especially when it comes to information security, it can cause bottlenecks as the process takes place. I remember being part of a large ISO 9000 certification process pre-2000, and of course now all I can remember is having to memorize the company's mission statement in case I was ever asked. But overall these certifications are a good thing, as they offer consistency and organization when it comes to documentation, training, change/process management and operational procedures within an enterprise.

The ISO 27001:2005 standard, which replaced BS7799-2:2002 (which already had over 2,500 organizations worldwide certified against it), is titled "Information Security Management - Specification With Guidance for Use" and is supposed to follow along the lines of ISO 9001 and ISO 14001 for management homogeneity. Being certified for ISO 27001 should also grease the process for other compliance requirements, including the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act (SOX).

About ISO/IEC 27001:2005

ISO 27001 is the formal standard against which organizations may seek independent certification of their Information Security Management Systems, meaning their framework to design, implement, manage, maintain and enforce information security processes and controls systematically and consistently throughout the organizations. The final version of ISO 27001:2005 is available now from ISO or BSI. More information is available at www.iso.org, www.bsiamericas.com and www.xisec.com.

Posted by Victor R. Garza on May 15, 2006 12:47 PM


COMMENTS
Actually, there are several other registrations that are in place. We completed ours in December of 2005, about 24 hours behind Fujitsu Japan, who lay claim to being the first organization worldwide to be 27001 certified.

I certainly hope that people realize the potential of utilizing an ISMS based on ISO/IEC 17799 and ISO/IEC 27001. The benefits are numerous, including for non-IT areas.

I would also advise people to watch what industry players are doing, to see what is coming down the pipe. The Federal Reserve Bank of New York was originally certified under BS 7799, and the entire Federal Reserve system is slowly appearing to move in this direction. This can have a major impact on how organizations deal with Safety and Soundness reviews.

Scott

Posted by: Scott Erkonen at May 24, 2006 07:33 AM

Victor,

Indeed I do believe that the uptake of ISO 27001 will be similar to that of ISO 9001 in time. We are in the midst of seeing greater regulatory and statutory controls to govern security & privacy and ISO presents a measurable and certifiable framework to address such issues; and much more.

As the breach of information security assets & intellectual property becomes more and more frequent, and it will (poor VA), organizations will look to ensure that the data they are trading with business partners, vendors and employees is done so securely. Such that they know what the risks to these transactions are and have addressed those risks from a defensible position: enter ISO. I imagine the legislative landscape of the future won't take too kindly to those entities that are incapable of and/or disinterested in securing their assets. There's simply too much at stake.

Posted by: Greg Porter at May 24, 2006 08:28 AM

Scott;

Congratulations on your 27001 certification. For the record, the Federal Reserve Bank of NY currently holds two certifications. The 27001:2005 certification of the NIRT Security Operations Center and BS7799-2:2002 for their ISF organization. I could not agree more with your comment regarding the benefits of certification.

Barry

Posted by: Barry Kouns at May 31, 2006 12:46 PM


As a security consultant I have specialized in the networking aspects of security. Management of security is an important aspect that companies should master. ISO 27001 is an opportunity for companies to greatly improve their security and build people awareness as well as processes.

Congratulations on your certification.

Christian ALT

Telecom and Logistics Associates
Certified auditor ISO 27001

Posted by: Christian ALT at June 15, 2006 05:14 AM

My first ISO 27001:2005 audit is in one week, and I can say without a doubt it has been extremely useful. We have found many areas where we needed improvement, and created processes to resolve those issues. We now have documentation for almost all of the processes we do, assuring uniform results no matter who performs a task. Other groups within my organization have been ISO 27001 certified with the same auditor that is coming to perform my group's audit, and they all have stated that he is very thorough, adding to the credibility of the certification.

Posted by: Aaron at January 12, 2007 07:48 AM

Hi Scott,

Congratulations on your certification. I know I am too late to congratulate you, but I just wanted to add a point here: most organizations even today ignore the importance of security issues, and it is only once they face a threat that they realise they have to go for ISO 27001. It all basically depends on the top management, if they really want to be secure in this fast-growing technology world.

Regards
Kumar M
Process Consultant (ISO 9001, ISO 27001, CMMI)
kumar.exe@gmail.com

Posted by: Kumar at April 19, 2007 05:43 AM
