ISO 27001 is a specification for an information security management system (ISMS). According to data from www.iso.org, an ISMS is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process, and it can help small, medium and large businesses in any sector keep information assets secure.
Ms. Mussenden stated that the certification of the centre will be done via a partnership between the Republic of China (Taiwan) and the Government of St. Kitts and Nevis as both parties have embarked on a programme to implement a digital Land Registry.
“…as part of that process our server room here will be hosting the application and we are thus required to become ISO 27001 Certified to provide the necessary confidence that the information security, polices and strategies are in place to ensure that that critical land information data is secure,” she added.
She noted that there is a possibility that trainees who complete the programme would be called upon to assist, and given the “opportunity to practice the skills” they would have gained from the programme.
Currently, fifteen (15) participants from various ministries and departments within government are attending a two (2) day Certified ISO 27001 Lead Implementer and Internal Controls Architect Training and Certification workshop. The training will prepare participants to be eligible for professional certification as Certified ISO 27001 Lead Implementers and Internal Controls Architects, who can effectively manage the threats and risks to government’s information by establishing Information Security Management Systems (ISMS) based on international standards.