ISO/IEC 27001

A specification for an information security management system (ISMS)

An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes. TechnologyOne acquired this in 2011 to create a global policy framework that enabled us to include security as part of the design process. It demonstrates that we are following international best practice to mitigate threats.

ISO/IEC 27001 requires that management:

  • Systematically examine the organisation's information security risks, taking account of the threats, vulnerabilities, and impacts;
  • Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and
  • Adopt an overarching management process to ensure that the information security controls continue to meet the organisation's information security needs on an ongoing basis.

Our accreditations

Contact Us Agent - TechnologyOne

Have a question?

If you would like more information, we are here to help.