Tender conditions drive ISO 27001 update

Upsurge in interest in standards as they become a ‘must have’ rather than ‘could have’ accessory

Registrations for the new ISO 27001 standard broke the 300 barrier in August.

The standard, which has effectively replaced the old BS7799, has persuaded many organisations that certification can mean something to them. According to the standards group BSi, nearly two-thirds of registrations were new organisations going for certification, rather than organisations simply upgrading from the old BS7799.

According to the BSi, one of the reasons for the sharp increase in ISO 27001 registrations activity is that more contracts, originally in government but increasingly in the private sector too, are now stipulating that the successful supplier should have ISO 27001 Information Security Certification.

ISO 27001 certification and risk management specialist URM believes the upsurge in interest is because the standard has become a ‘must have’ rather than ‘could have’ accessory for any organisation tendering in the public sector/large private sector marketplace.

With increasing levels of governance, URM believes certifying to ISO 27001 is also being seen as a ‘future proofing’ exercise for many companies. If they don’t do it now, they know they will probably have to in the future. In fact, some companies who have ISO 27001 certification will even lobby for it to be included in tenders, to stymie any rivals that don’t.

So if you don’t want to lose business, get certified.

Read more on IT risk management