Throughout the implementation process, we built the ISMS framework, and enhanced information security protection mechanism. It included ensuring the service level of Datacenter Services and enhancing UM’s Data, information assets and resources with “Confidentiality”, “Integrity” and “Availability”.
The standard covers 14 domains with 114 detailed controls, which considers not only IT but encompasses the entire daily operations, including its people, processes and technology. It assures the robustness and quality of UM’s risk management processes to information security. Moreover, several online ISO 27001 awareness and professional trainings were conducted for related staff.