ROI Savings Using an ISO 27001 Organization
Last month, a seminar was held locally with many of the information security professionals in our area and an expert spoke of the necessity of having the ISO 27001 certification. After the formal presentation, this person was answering several pointed questions. One of those queries was about using vendors who also have the ISO 27001 certification and the specialist stated the cost of using a company that did not also have the security standard was going to be sizable. The organization was going to have to allocate resources to implement the same ISO controls at the vendor’s location that they were using at their site to meet their security plan.