ISO 27001

Jeremy Pollard

Good evening all... am looking for someone to dialog with regarding this regulation (ISO 27001)....???? can someone help??? TIA

Cheers from: Jeremy Pollard, CET The Caring Canuckian!
Crisis, necessity, change
 
Jeremy Pollard

Thank you... is this a regulatory platform for what companies do in the US? Is there an equivalent regulation as such that is in use here? Who really cares if a company is ISO 27001 compliant.. anyone?
TIA - all seems very confusing!!!

Cheers from: Jeremy Pollard, CET The Caring Canuckian!
Crisis, necessity, change
Ontario, Canada
 
I doubt companies in the US are interested in European Regulation...
And the UK has shown (as in 'Brexit'!) what it thinks of European Regulations - especially as in this case it originated in the UK. The Euro-bureaucrats then throw it back at us as though they thought it up.

I'm not aware of equivalent Regulation in the US...cyber-security is kind of self-regulating, with many US companies hot on the subject!
 
Jeremy Pollard

Thx oneeye14.. appreciated... have you heard of or seen "top 20 Critical Security Controls (CSC)"? When I spoke with Marty Edwards of DHS - US-CERT he said that if it isn't regulated it won't happen. But ISO stuff is really elective, although some companies require ISO certification to do business etc.

Wondering if regulation will ever be enforced by law as such..

Cheers from: Jeremy Pollard, CET The Caring Canuckian!
Crisis, necessity, change
 
Jeremy,

In my industry, power generation and turbine control, I am starting to see ISO 27001 trickle down when we talk about supply chain and OT systems. I believe this trend will continue as end customers and OEMs start to implement supply chain cyber security requirements with vendors.
 
Jeremy Pollard

Thx Sundbug .. appreciated... may I ask which parts or sections are the more important areas?? Or is it simply all parts?? TIA:)

Cheers from: Jeremy Pollard, CET
The Caring Canuckian!
Crisis, necessity, change

'I DID'
 
ISO27001 is a standard (part of a suite of standards) developed for IT systems. Because ISO27001 was not specific for use in industrial control systems, ISA formed ISA99 in the early 2000 time frame to develop control system cyber security standards. The suite of control systems cyber security standards is IEC62443.

Joe Weiss, Managing Director ISA99
 
ISO/IEC 27001:2013 (also known as ISO27001) is the international standard that sets out the specification for an information security management system (ISMS). Its best-practice approach helps organisations manage their information security by addressing people and processes as well as technology.
