Frequently Asked Questions
We have a large selection of frequently asked questions organised by subject area.
ISO 27001 is an international standard that specifies the requirements for an information security management system (ISMS). An ISMS is a framework that helps organisations manage their information security risks and improve their information security.
Although ISO 27001 is a voluntary standard, many organisations choose to be certified to it. They see certification as an opportunity to demonstrate to customers, suppliers, and other stakeholders that the organisation has a commitment to information security.
Further benefits of implementing ISO 27001 include:
- Reduced information security risks
- Improved compliance with information security regulations
- Increased efficiency and cost savings
- Enhanced reputation and brand image
- Increased customer satisfaction
- Improved employee morale and motivation
Key concepts of ISO 27001 include:
- Information security risk - the potential impact of a threat on an organisation's information assets
- Information security controls - measures taken to reduce information security risks