Case Study
Public Sector organisations use ISO/IEC 27001 to manage data securely
In the English Midlands, Birmingham City Council use and have certification to ISO 9001 and ISO/IEC 27001. This has enabled the Council to both improve its processes and to make a strong statement about how it operates, especially important for them with data integrity. (UK)
Click here for further details
Dubai Ministry of Labour (DoL) has been recertified to ISO/IEC 27001, meaning the DoL has had this certification since 2011. Ahmad Yousuf Al Nasser, Director of the IT Dept. at the Ministry of Labour stated that ‘(ISO/IEC 27001 certification) achieved a number of advantages most notably was its global recognition on information security systems, establish landmarks on information security systems and build an integrated system that depends on continuing operations applied for proper info protection.’ (Dubai)
Click here for further details
A further example of the public sector using ISO/IEC 27001 is the Legal Ombudsman of England & Wales. The process of implementing the standard have delivered improved performance in areas such as risk management, but most significantly the certification has given greater confidence to the Legal Ombudsman’s users in their services and especially their ability to manage their data securely. (UK)
Click here for further details
Certification to ISO/IEC 27001 has also been used by the State Revenue Committee of the Republic of Armenia. Certification has been used here in this example as data security is seen as one of the cornerstones for delivering high quality public service. (Armenia)
Click here for further details
The value of information security management standards has also been seen by the Norwegian Agency for Public Management and eGovernment (Difi). Difi has signed an agreement with Standards Norway which allows over 200 government organisations access to key standards for information security management, including ISO/IEC 27001. The aim of these organisations is to improve their information security management by the implementation of these standards. (Norway)