Prerequisite: Basic Understanding of ISO 27001, COBIT, ITIL, ISO 9001 and ISO 14001
+Benefits from ISO 27001:
>security risks are managed in a cost effective way.
>customer confidence when interacting with these companies.
>business confidence of companies in the knowledge that their security is assured.
>achieve international standards.
>avoid ad hoc approaches to information security management.
>guidelines on the establishment and implementation of information security management systems.
>improvement in the information security management systems of companies, such as enhanced monitoring, review and maintenance of those systems.
+Benefits from COBIT:
>better alignment between business and IT.
>set direction, improve monitoring and take timely corrective action by giving a better view of IT from a managerial perspective.
>an internationally recognised control framework.
>provides an environment which is responsive to business needs.
>mapping of IT goals to business goals and vice versa.
>clear process ownership → process-oriented → reduced incidents.
>clear performance indicators → better control.
+Benefits from ITIL:
>consistency and standardised processes.
>suitable for mergers and acquisitions, to bring coherence to the management structure.
>save time and money by not having to reinvent the wheel (with checklists and procedures).
>better governance of IT.
>integrate IT across the enterprise.
+Benefits from ISO 9001:
>more efficient and effective operations.
>disciplined business because of common understanding in repeatable and consistent processes.
>fewer failures in quality of products and services.
>quicker response when things are going wrong.
>discovery of inherent errors/failures in the existing processes when implementing the standards.
>clear understanding of what to do and how it is to be done, especially important for newcomers.
>improved employees’ morale.
+Benefits from ISO 14001:
>provides a guideline on committing purposes of environmental management systems.
>shows that companies are environmentally responsible.
>increases profits due to better resource management such as energy conservation.
>lower insurance rates when compliant with this standard.
>improved relationship with customers and employees.
>better awareness → safety benefits at the workplace.
>a ticket to some European markets.
+Benefits in common:
>less expensive to prevent problems or to do things well from the beginning than to clean everything up afterwards.
>cost reduction due to better management.
>standard compliance is a way to attract customers.
>some business domains require the compliance to these standards.
>gain business alignment: when implementing these standards, all the sectors including finance, business management, and technical management have to work together. Hence, business alignment can come naturally when the implementation has been successful.
>instil the feeling of being the best of the best among the company’s employees.
>shared understanding because of having a common language.
*everybody has to get on board when implementing the standards. Employees will be trained and they can get a better understanding of their company.
*some companies use the certification as a means to do marketing, to expand their market.
>encourages the organisation’s capability for learning as well as that of individuals.