{"id":1359,"date":"2022-05-06T09:16:57","date_gmt":"2022-05-06T07:16:57","guid":{"rendered":"https:\/\/blog.eprivacy.eu\/?p=1359"},"modified":"2022-05-06T09:16:57","modified_gmt":"2022-05-06T07:16:57","slug":"iso-27001-certification-role-and-tasks-of-the-iso-in-setting-up-an-isms","status":"publish","type":"post","link":"https:\/\/blog.eprivacy.eu\/?p=1359","title":{"rendered":"ISO 27001 certification: role and tasks of the ISO in setting up an ISMS"},"content":{"rendered":"\n<p><strong>Setting up an information security management system (ISMS)<\/strong>\u00a0means to assign tasks within the company in the following:<br>\u00a0<br>The information security officer\u00a0<strong>(ISO)<\/strong>\u00a0has a major role. The ISO is the first point of contact in the company when it comes to information security issues. One of the decisive factors for the successful implementation of his\/her work is the location of the role within the organization. To avoid conflicts of interest and maintain independence, the function should not be in the IT department.<br>\u00a0<br>Ideally, the ISO should have\u00a0<strong>primary responsibility for all stages of ISMS implementation<\/strong>. From the design planning to the set-up, the subsequent operation to the permanent review and improvement. In the context of a possible certification, the ISO is also the contact person for the auditors of the certification body.<br>\u00a0<br>The ISO has<strong>\u00a0technical know-how<\/strong>\u00a0and carries the idea of information security into the company, i.e., one of his\/her tasks is to<strong>\u00a0effectively communicate<\/strong>\u00a0and involve the employees during the ISM process. It is fundamental for the motivation of employees to engage and \u00a0<br>\u00a0<br><a href=\"https:\/\/t5baa4d95.emailsys1a.net\/c\/107\/5298825\/4225\/0\/11201553\/391\/336059\/6e4242a93a.html\">ePrivacy<\/a>\u00a0has supported many companies in setting up and implementing their ISMS. We work closely with the responsible information security officers and support them in all data protection-related topics.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Setting up an information security management system (ISMS)\u00a0means to assign tasks within the company in the following:\u00a0The information security officer\u00a0(ISO)\u00a0has a major<\/p>\n<p class=\"link-more\"><a class=\"myButt \" href=\"https:\/\/blog.eprivacy.eu\/?p=1359\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.eprivacy.eu\/index.php?rest_route=\/wp\/v2\/posts\/1359"}],"collection":[{"href":"https:\/\/blog.eprivacy.eu\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.eprivacy.eu\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.eprivacy.eu\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.eprivacy.eu\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1359"}],"version-history":[{"count":1,"href":"https:\/\/blog.eprivacy.eu\/index.php?rest_route=\/wp\/v2\/posts\/1359\/revisions"}],"predecessor-version":[{"id":1360,"href":"https:\/\/blog.eprivacy.eu\/index.php?rest_route=\/wp\/v2\/posts\/1359\/revisions\/1360"}],"wp:attachment":[{"href":"https:\/\/blog.eprivacy.eu\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1359"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.eprivacy.eu\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1359"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.eprivacy.eu\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1359"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}