Information security

ISO 27001 is one of the best tools available for preventing cyber-attacks and leaks of sensitive information, and for certifying an organization's commitment to the security of its information.

The information security of your company matters.

ISO-27001:2017 sets out all the requirements that an organization must meet in order to ensure that its management of data and information is secure.

It is written by the world's best cyber security specialists, and provides a methodology for implementing information security management in an organization. By obtaining the certificate, your company demonstrates that it applies the methodology of the leading global standard for information security.

Where now the norm?

The standard enables the company through

What ISO 27001 will bring to your organization

Business advantage

You'll build confidence among customers by ensuring good management of the data entrusted to your organization.

Higher work efficiency

By improving the organization of documents and the writing of processes, it makes it easier for employees to perform their tasks in less time.

Avoid cyber attacks

Cyber attacks are increasingly feared because they can have catastrophic financial and commercial consequences. The standard is a shield that can save your business from a major setback.

Comply with legal requirements

There are more and more regulations related to information security. ISO 27001 ensures your organization's compliance and avoids any possible sanction.

How does it work?

ISO 27001 is divided into 11 sections and an annex. Sections 0 to 3 are introductory (they are not mandatory for implementation), while sections 4 to 10 are mandatory and the organization must implement all of their requirements.

0 – Introduction: explains the purpose of the standard.

S1 – Scope: explains that this standard is applicable to any type of organization.

S2 – Normative references: refers to the ISO 27000 standard, in which the terms and definitions are provided.

S3 – Terms and definitions

S4 – Context of the organization: start of the planning phase, defining the scope and stakeholders.

S5 – Leadership: defines the responsibilities of management and other employees involved, and establishes the company's information security policy.

S6 – Planning: defines the requirements for risk assessment and treatment, the Statement of Applicability, the risk treatment plan, and the determination of information security objectives.

S7 – Support: defines the requirements on the availability of resources, competence, awareness, communication and control of documents and records.

S8 – Operation: covers the implementation of the assessment and treatment of identified risks, security controls, and other processes necessary to meet the information security objectives.

S9 – Performance evaluation: defines the requirements for monitoring, measurement, analysis, evaluation, internal audit and management review.

S10 – Improvement: addresses the treatment of nonconformities, correction, corrective action and continuous improvement.

Annex A – this appendix provides a catalog of 114 controls (security measures), distributed in 14 sections.

Our services in the ISO 27001 standard

We can help you at whatever stage you find yourself: from the idea to its integration with other systems.

Implementation of the system

We accompany you through an implementation tailored to your company: from the beginning until you obtain the certification.

System maintenance

We assist with the maintenance of the system so that you keep the certification.

Integration with other systems

If you already have one or more systems in place, you may want to integrate them in order to save time and money.

Tell us about your case

atmnatura@atmnatura.es

960 04 09 71

Ronda Narciso Monturiol 3, Tower B , 4, 5 – Technology Park (Paternal) 46512
