According to 96% of more than 200 senior executives, ISO 27001 plays an important role in improving a company's cybersecurity defences.
Nearly 70% of respondents said that improving information security was the biggest driver for implementing ISO 27001, according to the ISO 27001 Global Report 2016.
Other top reasons for adopting the standard were to align with information security best practice (62%) and to gain a competitive benefit (57%).
Improved information security is also seen as the single most important advantage of ISO 27001 implementation (51%).
According to the report, 40% of organisations have achieved ISO 27001 certification and 44% are working towards achieving certification. Only 16% are not planning to certify their information security management system (ISMS).
The survey shows that chief executives are supportive of ISO 27001 implementation, with 38% of respondents saying they had no challenge in securing their CEO’s buy-in when it came to implementing ISO 27001. But 20% found it most challenging to convince the board that information security is a critical business issue.
ISO 27001 sets out the requirements for the establishment, implementation, management and continual improvement of an ISMS.
According to IT Governance, the value of ISO 27001 lies in the fact that it is a management standard and that it looks at information security from a comprehensive point of view, taking into account people, processes and technology.