Your i2ISO 27001:2013 information security management system (ISMS) is designed to prevent unauthorised access, use, disclosure, disruption, modification, inspection, recording or destruction of information, regardless of the form your information and data may take (e.g. electronic, physical).
- Risk identification to identify risks to the information asset inventory.
- Risk analysis and valuation of information assets by assessing the business impact of a breach of confidentiality, integrity and availability.
- Risk evaluation by assessing risks to information assets against a common list of threats, calculating the overall risk and vulnerability score.
- Risk treatment by selecting controls to treat risks or perceived threats identified during the risk assessment process.