ISO 27001 Flashcards
Key Components of ISO27001
Framework of policies, procedures & controls to manage information security risks
Confidentiality, Integrity, and Availability (CIA):
* Confidentiality: Ensuring that information is only accessible by authorized individuals
* Integrity: Ensuring that information is accurate and has not been tampered with
* Availability: Ensuring that information is available to authorized users when needed
Benefits of ISO27001
- Enhanced Data Security: Reduces risk of breaches, leaks or loss of information
- Regulatory Compliance: Helps organisations meet requirements & avoid fines
- Customer Trust: Demonstrates that they take data security seriously
- Risk Management: By identifying and addressing potential issues early they can prevent costly leaks, breaches or attacks from happening
- Competitive Advantage: As companies with ISO27001 are viewed as more reliable partners, it will help to win further business
- Incident Response: Helps to minimize the damage of an incident
Risk Mitigation & Cost Avoidance:
The average cost of a data leak is about _______
$4.45m
Risk Mitigation & Cost Avoidance:
Businesses with ISO27001 have on average _______ fewer security incidents
30-50%
Risk Mitigation & Cost Avoidance:
GDPR fines are either _______ or up to _____
4% of annual revenue / £20m
Small to Medium Size Enterprises:
They can expect savings ranging from _______ depending on their exposure to security risk
50-500k annually
Insurance Premium Reductions:
Some cybersecurity insurance providers offer reduced premiums for ISO 27001 certified companies, as they are lower risk. This could amount to ________ in insurance savings.
10-20k per year