Overview of information security

Information security refers to acts performed to prevent information from being damaged, altered, or leaked in the process of collecting, processing, storing, searching, transmitting, and receiving information. As we enter the knowledge and information society, the activities of cyberspace expand, and many services are being provided online. In the event of sudden system errors or difficulty in use, serious situations are occurring that can paralyze work or even determine human life and death. Therefore, not only companies, organizations, countries, but also individuals should pay attention to information security and make great efforts.

< Information Security >

Specifications related to information security

• ISO/IEC 27001
  : ISO/IEC 27001 specifies requirements for establishing, implementing, maintaining, managing, and continually improving of information security management systems, and is a representative standard including requirements for information security risk assessment and processing according to organizational needs.
• ISO/IEC 27002
  : ISO/IEC 27002 provides best practice recommendations on information security controls for use by those responsible for initiating, implementing, or maintaining information security management systems (ISMS). Thus, it can be interpreted and applied for organizations of all types and sizes depending on the specific information security risks faced.
• ISO/IEC 27701
  : ISO/IEC 27701, in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002, provides guidelines for establishing, implementing, maintaining, and continuously improving privacy information management systems (PIMS) for the management of personally identifiable information in organizations.
• ISO/IEC TS 27110
  : ISO/IEC TS 27110 specifies the guidelines for developing a cybersecurity framework. It is applicable to cybersecurity framework creators regardless of their organizations' type, size, or nature.
• ISMS-P
  : ISMS-P is the certification of personal information & information security management system. It is a system that certifies that a series of measures and activities for personal information and information security meet the certification standards. It is based on the Information Korea’s Information Protection Act and Personal Information Protection Act, and through this management system, organizations can move away from one-time security measures and implement systematic and comprehensive security measures.

ISO/IEC 27001 & ISO/IEC 27701

As the importance of personal information utilization and protection expands in the digital era, companies and industries need experts related to information security. Accordingly, GPC has obtained accreditation from IAS for ISO/IEC 27001 & ISO/IEC 27701 auditor certification and issues a certified auditor certificate.