Information Security Management Systems (ISMS) compliant with ISO 27001 can be certified by Accredited Registrars (aka Certifying Bodies) worldwide. PMG is a partner of PECB, an Accredited Registrar.
In most organizations that have not adopted an ISMS or any other comprehensive information security management system standard, security controls seem to have been adopted or implemented as ‘point solutions’ to meet specific security challenges. These solutions tend to be haphazard, disjointed, not comprehensive and not interconnected. Often they address only IT systems or data security issues and do not address security vulnerabilities in non-IT information assets (e.g. paper file racks) or physical security infrastructure. Issues connected to Business Continuity, Disaster Recovery Planning, HR, etc., that do not have day-to-day security impacts seem to fall through the cracks when security is done without a proper framework.
It is important to point out that ISO/IEC 27001 covers more than just IT. The framework and the controls cover all aspects that are connected with security of information and information processing facilities.