Sunday, December 5, 2010

Benefits of ISO 27001, COBIT, ITIL, ISO 9001 and ISO 14001

Follow trongbang86 on Twitter
Level: Intermediate
Prerequisite: Basic Understanding of ISO 27001, COBIT, ITIL, ISO 9001 and ISO 14001

+Benefits from ISO 27001:
>security risks are managed in a cost effective way.
>customer confidence when interacting with these companies.
>business confidence of companies in the knowledge that their security is assured.
>achieve international standards.
>avoid ad hoc approaches to information security management.
>guidelines on the establishment and implementation of information security management systems.
>improvement in the information security management systems of companies, such as enhanced monitoring, review and maintenance of those systems.

+ Benefits from COBIT:
>better alignment between business and IT.
>set direction, improve monitoring and take timely corrective action by giving a better view of IT from a managerial perspective.
>an internationally recognised control framework.
>provides an environment which is responsive to business needs.
>mapping of IT goals to business goals and vice versa.
>clear process ownership → process-oriented → reduced incidents.
>clear performance indicators → better control.

+ Benefits from ITIL:
>consistency and standardised processes.
>suitable for mergers and acquisitions, bringing coherence to the management structure.
>save time and money by not having to reinvent the wheel (with checklists and procedures).
>better governance of IT.
>integrate IT across the enterprise.

+Benefits from ISO 9001:
>more efficient and effective operations.
>a disciplined business because of a common understanding of repeatable and consistent processes.
>fewer failures in quality of products and services.
>quicker response when things are going wrong.
>discovery of inherent errors/failures in the existing processes when implementing the standards.
>clear understanding of what to do and how it is to be done, especially important for newcomers.
>improved employee morale.

+Benefits from ISO 14001:
>provides guidelines on committing to the purposes of environmental management systems.
>shows that companies are environmentally responsible.
>increases profits due to better resource management such as energy conservation.
>lower insurance rates when complying with this standard.
>improved relationships with customers and employees.
>better awareness → safety benefits in the workplace.
>a ticket to some European markets.

+Benefits in common:
>it is less expensive to prevent problems or do things right from the beginning than to clean everything up afterwards.
>cost reduction due to better management.
>standard compliance is a way to attract customers.
>some business domains require compliance with these standards.
>gain business alignment: when implementing these standards, all the sectors including finance, business management, and technical management have to work together. Hence, business alignment can come naturally when the implementation has been successful.
>instil a feeling of being the best of the best among the company’s employees.
>shared understanding through having a common language.
*everybody has to get on board when implementing the standards. Employees will be trained and they can get a better understanding of their company.
>improved marketing.
*some companies use the certification as a means of marketing and of expanding their market.
>encourages the learning capability of the organisation as well as of individuals.


  1. Taking ISO 27001 Training will be very beneficial to anyone planning to take the course. Topics that are discussed in the course include a brief history of the standard and then a discussion of the advantages this international model provides to any organization desiring to develop a quality management system built upon identifying the processes within a business, developing consistent production plans for that business and implementing structured improvements to succeed in today’s competitive marketplace.

  2. ISO 22000 Certification is taken by many companies in the finance sector, banking, the software industry, business outsourcing companies, insurance, telecommunication as well as manufacturing units. The companies need to implement the ISO 27001 standard requirements as listed below to get this certificate. The ISO 27001 standard clauses and summary of requirements are given below

