Churchill & Harriman Aligns Risk Assessment Practice With ISO/IEC 27001:2005 Security Standard
C&H Recognized as Leader in Standards Community
PRINCETON, NJ -- (MARKET WIRE) -- 11/17/2005 -- Churchill & Harriman (C&H), a leader in risk assessment and mitigation services for over a decade, announced today it has fully incorporated and deployed within its practice the recently released ISO/IEC 27001:2005 information security standard. C&H is a recognized leader in the international standards community and has been named an ISO 27001 Associate Consultancy by BSI Americas and a SAFE-BioPharma Association Leadership Team Member and certified Member Integration Partner.
ISO/IEC 27001:2005 contains best practice guidance to help protect the confidentiality, integrity and availability of information that businesses of all sizes depend upon, such as bank accounts, medical and defense data, personally identifiable information (PII), and all forms of intellectual property. ISO 27001 goes hand-in-hand with the newly released ISO/IEC 27001:2005 (formerly BS 7799-2:2002), the formal certification standard against which organizations may seek independent certification of their Information Security Management Systems (ISMS). The internationalization of these standards is expected to create a global upsurge in demand for ISMS certification.
"The recent release of ISO 27001 as an international security standard recalls the powerful effect that ISO 9000 had on the quality assurance movement of the 1990s. Even more important, we expect these standards to impact the competitive landscape, as corporations increasingly demand compliance against best practice security standards and ultimately certification from their suppliers and business partners," said Barry Kouns, vice president of C&H.
"The significance of these standards cannot be overstated. We are seeing a groundswell of interest especially among our Fortune 50 clients in life sciences and financial services," stated Ken Peterson, chairman of C&H.
The ISO standards will become the international touchstone for effective, secure information management practices that protect organizations and ensure their compliance with data protection, privacy and information misuse regulations. In the U.S., the regulatory and compliance requirements imposed by the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley Act (SOX), and the Federal Information Security Management Act, among others, are all best met through the development of an ISMS that is integrated, comprehensive and incorporates widely recognized best practices. ISO 27001:2005 alignment and ISO 27001 certification are essential steps toward effecting and demonstrating compliance with both current and future legislation.
"I have a high level of trust and confidence with Churchill & Harriman, built on working with the firm over many years. Independent risk assessment through reliable, trusted experts such as C&H brings rigor to the standards implementation process and improvements to information security that are essential to regulatory compliance and corporate risk management. C&H consistently delivers results, with high quality personnel, integrity, and professionalism," said Bob Schwartz, chief information officer, Panasonic Corporation North America.
"Nearly 1,900 organizations worldwide have already been certified against BS 7799-2:2002 (or their national equivalents), and we expect internationalization of the standard to accelerate its adoption in the U.S.," said Tom Shelley, vice president, marketing, BSI Management Systems (Americas). "Churchill & Harriman has shown remarkable leadership working with BSI and the standards community, and its risk mitigation credentials are unassailable."
About ISO/IEC 27001:2005 and ISO 27001
In July 2005, British Standard BS 7799-2:2002 was updated and released as a final draft standard in support of the 2005 update to ISO/IEC 27001. On October 15, 2005, the International Organization for Standardization (ISO) released the final version of the standard as ISO/IEC 27001:2005. ISO 27001 is the formal standard against which organizations may seek independent certification of their Information Security Management Systems (meaning their framework to design, implement, manage, maintain and enforce information security processes and controls systematically and consistently throughout the organization). The final version of ISO 27001:2005 is available now from ISO or BSI. More information is available at www.iso.org, www.bsiamericas.com and www.xisec.com.
About Churchill & Harriman
Founded in 1986, Churchill & Harriman (C&H) has been a leader in information technology consulting for over two decades and an expert in risk mitigation services for the last 10 years, serving Fortune 500 companies in life sciences, financial, manufacturing, and other industries. With expertise in information security, regulatory compliance, privacy and standards, the firm helps clients develop and implement controls and procedures that identify, value, and mitigate business risk. C&H also delivers compliance tools, training and communications support to help clients incorporate risk mitigation into everyday strategy. C&H is an ISO 27001 Associate Consultancy to BSI Management Systems. It is also a Leadership Team Member and certified Member Integration Partner of the Secure Access For Everyone (SAFE)-BioPharma Association, a network of recognized trusted healthcare professionals and an identity management standard and associated operating rules that deliver unique identity keys for regulatory compliant and legally enforceable digital signatures (www.safe-biopharma.org).