Today, information technology in organizations is the main tool for the affairs and work processes, and it facilitates and accelerates operations. With the advent of new and diverse facilities and solutions, institutions are becoming more and more dependent on this technology. Without proper planning and monitoring, information technology can be a source of new challenges and barriers for organizations.
In order to maintain, control and improve the performance of information technology in different environments and with different goals and functions, various frameworks and standards have been prepared by reputable global organizations that cover different aspects of related activities.
Information and Communication System Standards
- ISO/IEC 20000 is the international standard specifically for IT Service Management. It describes an integrated set of management processes which form a service management system for the effective delivery of services to the business and its customers.
- The ISO 27000 family is a series of mutually supporting information security standards that can be combined to provide a globally recognized framework for best-practice information security management. Some of the important standards of this family is mentioned below:
- ISO / IEC 27001 Information Technology Standard - Security Techniques - Information Security Management Systems - Requirements: This standard provides all the necessary requirements for the establishment and operation of an information security management system.
- ISO / IEC 27009 IT standard - Security techniques – representation of ISO / IEC 27001 in specific business areas - Requirements: This international standard includes requirements for the use of ISO / IEC 27001 in various specific areas such as exclusive industries or markets.
for more information, please contact our consultants at Iranian Govah Cosar Company.