Information Security Management System ISO/IEC 27001

Information Security Management System ISO/IEC 27001

The uses of computer networks, tablets and smart phones are being taken more and more for granted these days in both our public and our private lives. At the same time, the risks to data security and data protection are increasing, both internally and externally, when we are communicating in public networks.

The Information Security Management System (I.S.M.S) is a new and better security management system. I.S.M.S. follows a systematic approach to help you to better manage all your confidential and/or sensitive corporate information so that it will remain secure. This type of security management system encompasses all aspects of your company’s assets including people, processes and I.T. systems.

Information security is not just about anti-virus software, implementing the latest firewall or locking down your laptops or web servers. The overall approach to information security should be strategic as well as operational. Different security initiatives should be prioritized, integrated and cross-referenced to ensure an overall effectiveness. Basically, I.S.M.S. helps you to coherently, consistently and cost-effectively coordinate all your security efforts from both the electronic and the physical aspects.

ISO/IEC 27001 is the only auditable international standard and this standard was published jointly by the International Organization of Standardization (I.S.O.) and the International Electrotechnical Commission (I.E.C.). This security standard system has all the best practice specifications in practice today. It will also be of the utmost benefit to any organization in the world by helping them to develop their best security information standard system.

Lembaga Tabung Haji (TH) provides service to assist the Muslim community in the country to fulfils the Fifth Tenet of Islam. With this, the top management of TH has embarked on an ISO/IEC27001 implementation exercise since 2011 with the sole purpose to protect the interest of their customers’ personal information. At the same time, TH is now also able to answer to the Malaysian’s Government recent call for all critical national agencies to be prepared to face any possible cyber threats in the form of any kind of invasions of privacies or information thefts. After going through a thorough assessment, TH is now certified by one of the best certification body in the world, DQS.

During a press conference that was held on 20 June 2012, the CEO of TH, Datuk Ismee Ismail said, “It is TH’s effort to continuously provide value added services to all our customers with the best practices in information security management system in order to protect our customers’ interests. This is also vital because TH also operates as a financial institution managing all the pilgrims’ funds from all over Malaysia.”

isoiec27001Mr. Michael Drechsel (R2) DQS UL Group MD & President of IQNet hands over the ISO/IEC 27001 certificate to the CEO of Lembaga Tabung Haji Datuk Ismee Ismail (R3)

With this ISO/IEC 27001 certification in hand, TH can now ensures all interest parties that they will be able to systematically manage and control all their critical information assets securely. This certification will also let all stakeholders including employees, management, business partners and their customers know in advance, that all their information are managed in a system that meets the ISO/IEC 27001 standard.

Should you need additional information about information security management system, do drop us an email We will be delighted to be of assistance to you