What is EN ISO 27158: 2011 ?

EN ISO 27158: 2011 is a professional technical standard that provides guidelines for the implementation and management of information security controls in organizations. It outlines a comprehensive framework for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an organization's information security management system (ISMS).

The main purpose of EN ISO 27158: 2011 is to enable organizations to establish and maintain effective information security controls based on best practices and international standards. By implementing this standard, organizations can ensure the confidentiality, integrity, and availability of their information assets, including sensitive customer data, intellectual property, and financial records.

EN ISO 27158: 2011 helps organizations identify and assess information security risks, and provides guidelines on how to treat and manage these risks effectively. It also emphasizes the importance of ensuring compliance with legal, regulatory, and contractual requirements related to information security.

EN ISO 27358: 2011 is a professional technical standard that provides guidelines and requirements for the storage and management of electronic records. It focuses specifically on the principles and functional requirements for software used in electronic records management systems (ERMS).

The main purpose of EN ISO 27358: 2011 is to ensure that electronic records are properly managed and preserved in a way that maintains their integrity, authenticity, and reliability. The standard sets out best practices for the design, implementation, and maintenance of ERMS, with the ultimate goal of facilitating the long-term preservation of electronic records.