ISO 27001 is an Information Security Management System (ISMS) published standard which formally specifies a management system that is intended to bring information security under explicit management control, including the use of classification and labelling.
The most common question I was asked at InfoSec2012 recently in earls court was ‘how do I implement Data Classification for ISO27001?’
We were showcasing TITUS solutions during the show and demonstrated how it helps organizations become ISO 27001 certified by ensuring they comply with the formal requirements around the handling and management of information.
In Short, TITUS ensures that information contained in Microsoft Outlook and Office are classified and labelled to prevent inadvertent data loss. Then the solution enforces data policies to limit how information is distributed and handled, making certain email and documents are classified, managed and controlled in compliance with ISO 27001, and 27002 for ISO audits.
The software is already deployed to over 2m users and is a quick win for overworked Risk, Compliance and Security Staff and is very end user friendly.