INFORMATION SECURITY: Principle 5
ISO 27001 Information Security Principles
Principle 5 – Promoting Societal Values
Maintaining information security within your organization will be greatly facilitated if you follow this principle.
You might want to enhance the following values:
- Genuineness and ethics are the hallmarks of honesty.
- Equality and justice are the hallmarks
- Dignity and honour, treating people with dignity.
- Remain trustworthy.
- Show kindness and care for people.
- Display courage and take responsibility.
There is no obligation to follow this list, nor is it an exhaustive one. They are only guidelines. Some of these values might be present in your system already, or you might have others. You should start writing down your values now if you have not already done so. To find the values that are right for your business, you must do some research.
Thus, it is necessary to determine how your company values will enhance society. Now is the time to upgrade them so they will enhance society instead of diminishing it.
Mission statements and/or values statements can express these values. Accordingly, your ISMS must reference this statement in a way that ensures adherence and compliance with these principles.
Here are two things you should keep in mind:
- Getting these values right is very critical. You should adopt values that are important to your organization rather than simply picking them out of a focus group. These values will guide your company’s actions for years to come. You will be working with these values on some level every single day, so they should be something you believe in and support with action.
- Your societal values require more than lip service. Getting them wrong and establishing an ISMS that doesn’t fit the company culture will not lead to success.
Use SHEQ software
To design and implement a Quality Management System, SRM and many of our clients use Mango Compliance Software – www.mangolive.com Mango makes it easier to obtain and maintain ISO 9001:2015 certification.
SRM is ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018 certified. Contact our consultants today. Let us know if we can help you with the development and implementation of your Quality Management System.