Is there any alternative to ISO 27001 for my small business?
19th March 2019

ISO certifications are known across the world as a way of demonstrating best practice in a number of disciplines; ISO 27001 is the one for information security.

For a small business, though, ISO 27001 may be overly formal, costly and complex. So what are the alternatives if you know you need to take your information security seriously and demonstrate this to your clients?

Cyber Essentials

The Government's Cyber Essentials accreditation is the perfect starting point for a small business that doesn’t know where to start. Its 5 areas of compliance cover:

* Boundary firewalls and internet gateways

* Secure configuration

* Access control

* Malware protection

* Patch management

Don’t get me wrong, Cyber Essentials is a world apart from ISO 27001 accreditation, but as a starting point it’s great. It’s not overwhelming or particularly complex, although if you have no IT expertise to call on you will need a little help.

As a self-certification, this can start from as little as £300, but you can also have an independently audited version, Cyber Essentials Plus, which holds more weight as a certification and is a necessary requirement for some Government and Local Authority work.

About the Author

Michael F

Member since: 25th March 2014

Southern IT Networks provides technology advice, support and management for SMEs, with specialisation in regulated industries, Office365 & Azure