ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

Qadit can help you get certified under ISO 27001. Our consultancy services include

The standard requires compliance to 114 controls across 14 groups and 35 control objectives.

There is no one size that fits all. Qadit can help you develop customised policies for compliance with the required controls in line with your business requirements and control framework.