ISO/IEC 27001 consulting experts and use guidelines
Per the International Organization for Standardization, MorganHill adheres to the following requirements as stated at https://www.iso.org/iso-name-and-logo.html regarding the ISO name and logo:
- MorganHill does not use the ISO logo on our website, and as such, has not copied, changed, or modified the ISO Logo in any way or manner. Per ISO, “The ISO logo is a registered trademark and cannot be used by anyone outside of ISO, unless they have been explicitly authorized.” Source: https://www.iso.org/certification.html.
- MorganHill has not registered "ISO" as, or in, our domain name, website, or company name.
- MorganHill does not use "ISO" as, or in, a product or service name in a singular fashion, rather, it is always used in the context of ISO/IEC with the appropriate standard following the “ISO/IEC” verbiage.
- MorganHill does not, in any way or manner, say that our products or our services are endorsed, approved, recommended, favored, accepted, or certified by ISO, ANSI, ANAB, or any other standards and/or certification body.
- MorganHill does not, in any way or manner, use the short name “ISO” in any of our ISMS documents we offer to prospective clients. When referenced, it is done so with the full reference - specifically - ISO/IEC 27001:2022 and/or ISO/IEC 27002: 2022.
- Refer to ISO or the International Organization for Standardization in a fair and appropriate way. We do this by always referencing the applicable ISO/IEC standard by its full name, and/or by the complete acronym of “ISO/IEC”.
- Refer to ISO standards with their full reference, e.g., "ISO/IEC 27001", as the actual standard has been jointly published by ISO and the International Electrotechnical Commission (IEC). The number indicates that it was published under the responsibility of Subcommittee 27 (on Information Security, Cybersecurity and Privacy Protection) of ISO’s and IEC’s Joint Technical Committee on Information Technology (ISO/IEC JTC 1).
MorganHil ISMS Documents:
Regarding our ISMS documents at http://shop.morganhillcg.com/, all language pertaining to the stated policies, procedures, and processes within each specific ISMS template has been developed by subject matter experts at MorganHill with years of experience in the broader field of information security, cybersecurity, data privacy, regulatory compliance, corporate governance, and other related areas. Specifically, we have developed, then documented within our ISMS templates, what we deem to be industry accepted best practices for each of the applicable referenced ISO/IEC 27002:2022 controls.
As such, we do not copy the prescriptive language stated within any of the past or current published applicable ISO/IEC standards and repurpose it in our ISMS documents, rather, we apply our own intellectual property copyright methodologies regarding the security policies, procedures, processes - and best practices - that an organization should implement.
Additionally, if any of our ISMS documents were developed in many manner by accessing and relying on publicly available, non-copyrighted data sources available for use and consumption by interested users. - then, when necessary, and appropriate - we give attribution to the noted source.