ISO 27001 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO 27002 best practice guidance.
Flowz is ISO 27001 audited and certified.
ISO 27001:2013 (formerly known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical, and technical controls involved in an organization’s information risk management processes.
ISO 27001 requires that management do the following:
The ISO 27001 process includes a very formal requirement around “corporate” policies and procedures and around “continuous improvement.” It specifies that companies carry out a self-evaluation process that judges and improves the suitability, adequacy, and effectiveness of the information security management system (ISMS). ISO 27001 requires that this self-evaluation process be in place and that one “cycle” of improvement be demonstrated before certification can be granted. As such, it takes the longest time of all the compliance profiles to achieve.