Using an holistic approach to managing ISO/IEC 27001, data protection, privacy and PCI DSS
By using a single system for the ongoing management of compliance, regulatory and legal information security obligations, overlapping requirements can be identified, efficiencies leveraged and greater visibility and assurance can be provided to the organization. To achieve this single point of management we advise adopting the internationally recognized ISO/IEC 27001 – Information Security Management System (ISMS) model.
This paper provides insight on how an Information Security Management System (ISMS) can be used to drive a holistic management approach for security standards and compliance obligations such as ISO 27001, PCI DSS and privacy.