Skip to content ↓ Skip to navigation ↓

ISO 27001 Compliance: Security is Standard with Tripwire

The code of practice for International Organization for Standardization (ISO 27001) is recognized internationally as a structured methodology for information security and is widely used as a benchmark for protecting sensitive and private information. A widely held opinion is that ISO 27001 is an umbrella over other requirements of law or regulation (such as JSOX, SOX and the Data Protection Directive) or contractual standards (PCI DSS) because it requires companies to review such obligations when assessing risk. Organizations that choose to adopt ISO 27001 compliance also demonstrate their commitment to high levels of information security.

There are 11 major controls required as part of the ISO 27001 compliance standard that comprise best practices in information security. Tripwire covers them all, including:

  • Security Policy
  • Organization of Information Security
  • Asset Management
  • Human Resource Security
  • Physical and Environment Security
  • Communications and Operations Management
  • Access Control
  • Information Systems Acquisition, Development and Maintenance
  • Information Security Incident Management
  • Business Continuity Management
  • Compliance