Follow us

Facebook Twitter
This email address is being protected from spambots. You need JavaScript enabled to view it. Contacto

Full on net

ISO 27001

In Full On Net, the information is one of our main assets to ensure the quality, success and continuity of our services and ultimately our business.
That is why our priority goal is to guarantee the security of the information and systems used to manage it.

From 10 years ago to today, many customers have trusted us their information and have provided us access to their infrastructure, and that is a great responsibility for us.

For this, we have gone for ISO 27,001 certification as a set of standards developed to provide a framework for managing security information, with a certification that makes an independent external evaluation with the existing formal standard.

In order to properly manage information security, there must be a system that addresses this task in a methodological, documented and based on clear security goals, and risk evaluation of the organization information, and in this way establish appropriate controls to those detected risks.

The main goal of ISO 27,001 in the organization is to implement a continuous improvement model of risk management and the effectiveness of established controls, according to the following diagram:


PLAN
Set the necessary objectives and processes to obtain the expected result. It includes the following phases:

1.-Identify process that needs an improvement.
2.-Data collection for a deeper understanding of the process.
3.-Analyze and interpret the data.
4.-establish the proposed improvement goals.
5.-Detail specifications of the desired improvement results.
6.-Define the necessary processes to achieve these goals, according to specifications.


DO
Implement the processes according to what was previously planned.


CHECK
After a period of time previously estimated, collect and analyze data control again testing them against the goals and specifications. In this way it can be checked if the expected improvement has occurred.
The Implementation and execution plan are monitored and evaluated and their conclusions are documented.


ACT
Based on the results of the previous step, choose an option:
   
•    If partial errors have been detected in the previous step, make a new PDCA cycle with new improvements.
    
•    If no relevant errors were found, apply to large-scale modifications of the processes.
    
•    If irreconcilable errors were found, do not modify the process.

Thus, it provides feedback and / or improvement in the Planning

Share