ISO/IEC 17799:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 17799:2005 contains best practices of control objectives and controls in the following areas of information security management: security policy; organization […]

In the realization of a quality management system, some organizations choose to rely on their own personnel but some use the services of external consultants. The selection of a consultant by an organization is important for ensuring that the resulting quality management system is capable of meeting the organization’s planned objectives in the most efficient […]

ISO 14224:2016 provides a comprehensive basis for the collection of reliability and maintenance (RM) data in a standard format for equipment in all facilities and operations within the petroleum, natural gas and petrochemical industries during the operational life cycle of equipment. It describes data collection principles and associated terms and definitions that constitute a “reliability […]

The aim of this International Standard is to offer a general framework for material flow cost accounting (MFCA). MFCA is a management tool that can assist organizations to better understand the potential environmental and financial consequences of their material and energy use practices, and seek opportunities to achieve both environmental and financial improvements via changes […]

What is ISO 27001 and why is it so important for organisations? Generally speaking, most organisations and businesses will have some form of controls in place to manage information security. These controls are necessary as information is one of the most valuable assets that a business owns. However, the effectiveness of such a policy is […]