ISO 27002: An Introduction
The Importance of Information Security: Protecting Your Organisation
Imagine waking up to discover that your IT systems have been hacked. The financial results of your company have been leaked and are being discussed in the media. The market loses confidence in your organisation, and your directors are held personally responsible for inadequate risk management practices. An extreme example? Perhaps, but even a small-scale security breach could leave your business without access to critical IT systems for hours or even days.

Every organisation relies on information – most depend on it. Information is an asset, just like other essential business assets, and must be protected accordingly. Information security is no longer just a technical issue; it is a vital business concern. While compliance with legal and regulatory requirements is crucial and provides a strong incentive to review your information security practices, it should not be the sole or even the primary driver. For a business to succeed, it must recognise the importance of information security and implement appropriate measures and processes.
Understanding ISO 27002 Information Security
ISO/IEC 27002 establishes guidelines and principles for initiating, implementing, maintaining, and improving information security management within an organisation. This standard is explicitly concerned with the security of all forms of information—including computer data, documentation, knowledge, and intellectual property—not just IT systems or cybersecurity.
ISO/IEC 27002 is a code of practice, offering recommended information security controls that address control objectives related to the confidentiality, integrity, and availability of information. It is not a formal specification like ISO/IEC 27001, but the two standards are designed to be used together, complementing each other to provide a comprehensive framework for information security management.
By understanding and applying the principles of ISO/IEC 27002 alongside ISO/IEC 27001, organisations can better protect their information assets, ensure compliance with regulations, and ultimately safeguard their business from potential security breaches.