Information Systems


For a post to be substantial, it needs to genuinely add something new to the conversation.  I am sure you will have no trouble writing about your personal experiences or research findings you have made. 

Please reply to post (150-250 words)

The article covers three different case studies and how they standardize and implement in the information security field. This is known as ISO/IEC 27001. The goal for each of these organizations was to ensure the safety and security of information, and to ensure its accuracy, confidentiality, and integrity (Talib et al., 2012). I agree with these standards because they help to guarantee the security and quality of client information, transactions, and products. If the company has taken the time to go through this process, they have implemented processes, training, systems, hardware, software, and any other requirement to pass the certification. This assures all who do business with them that they are doing everything to stay compliant with the ISO 27001 standards. They also will have to continue to update their systems over time as well as submit to regular inspections.

This standardization also benefits the organization from a liability perspective. Showing that they have followed the required standards means that if there is an issue, they can go back and show documentation. Therefore, if there is a breach of information and they can show they followed all required standards, they then have far less responsibility than if they had not gone through the standardization process.

Talib, A. M., Khelifi, A., Barachi, E. M., & Ormandjieva, O. (2012). ISO 27001: UAE Case Stud.. Issues in Informing Science & Information Technology, 9, 331-349. Retrieved from http://eds.b.ebscohost.com.lopes.idm.oclc.org/eds/pdfviewer/pdfviewer?vid=2&sid=87e10353-2518-43e5-9c3c-023f1162a386%40sessionmgr104