Wednesday, July 2, 2008

ISO 27001 certification helps deliver measurable difference for BT

An international security standard is giving BT’s customers peace of mind - and helping the company secure major deals.

ISO27001 - an international standard designed around 133 security controls - provides a model for setting up and running an effective information security management system.
The company now has 26 certificates covering more than 60 key sites and services - and 20 new sites have been earmarked for certification.

According to global head of IT governance for bid security and certifications Lou Garcia, this demonstrates that BT meets security control requirements - and shows a high level of security governance, especially in the area of risk management. Lou said: “Many of BT’s most significant customers demand this certification for the services BT provides - and, as demand from our customers increases, so does our programme of certification.”


1 comment:

jacksmith said...

I would also like you to inform about some more about IT Governance and Compliance IT governance, risk and compliance (IT GRC) is about striking an appropriate balance between business reward and risk. The maturity of IT GRC practices for managing reward and risk has a direct impact on the organization. IT GRC encompasses the practices for delivering: Greater business value from IT strategy, investment and alignment, Significantly reduced business and financial risk from the use of IT, and Conformance with policies of the organization and its external legal and regulatory compliance mandates. IT GRC energizes the entire organization to imagine what it can achieve, establishes methods for achieving their objectives, and demonstrates the practices that are proven to work for minimizing business and financial risk. Fundamentally, IT GRC is about striking an appropriate balance between business reward and risk, enabling an organization to more effectively anticipate and manage business risk while more effectively delivering value for the organization. IT governance, risk, compliance, IT GRC, White paper, compliance survey report, 2008 compliance report. You can also get more information from