This is the Module 1 of ISMS implementation course - is a 3 days hands-on course with case studies. This sample module also has an audio attached to the presentation so while running the file please ensure your audio is switched to ON.
Citation preview
1. ISMS Implementer Course
Module 1
Introduction to Information Security
2. Introduction to Information Security
What is Information?
Information is stimuli that has meaning in some context for its
receiver. When information is entered into and stored in a
computer, it is generally referred to as data. After processing
output data can again be perceived as information.
(Source: SearchSQLServer.com Definitions)
ISMS Implementer Course (V 1.0)
Infocounselors
2
3. Introduction to Information Security
What is Information?
Information is an asset which, like other important business
assets, has value to an organization and consequently needs to be
suitably protected.
(Source: ISO 27002)
ISMS Implementer Course (V 1.0)
Infocounselors
3
4. Information Life Cycle
Creation
Storage
Access
Modification
Transmission
Printing
Processing
Destruction
Introduction to Information Security
Infocounselors
4
ISMS Implementer Course (V 1.0)
5.
Data storage devices
6. Hard disks 7. CDs / Floppies 8. Pen drives 9. Zip drives 10.
Tapes / DATs 11. Physical copies 12. Printed reports, documents,
graphs 13. Accessed through 14. Desktop / Laptop 15. File server
16. Internet / Web server 17. Mail server (mail boxes) 18. Accessed
by 19. Employees 20. Contractors 21. Business partners 22. Vendors
Infocounselors
ISMS Implementer Course (V 1.0)
5
Introduction to Information Security
Where the Information is located?
23. Introduction to Information Security
What are information risks?
Risks present at each and every step in the information life
cycle
Risks such as
Theft
Misuse
Corruption
Denial
Destruction
Infocounselors
ISMS Implementer Course (V 1.0)
6
24. Introduction to Information Security
Information Security Components
Availability : Authorized users shall have access to the
information as and when required for the business use
Integrity : Accuracy and completeness of information and
information processing methods
Confidentiality : Information shall be accessible only to the users
based on need-to-know, need-to-use
Infocounselors
7
ISMS Implementer Course (V 1.0)
25. Introduction to Information Security
Information Security:
Preservation of confidentiality, integrity and availability of
information; in addition, other properties such as authenticity,
accountability, non-repudiation and reliability can also be
involved
(ISO27001)
Infocounselors
8
ISMS Implementer Course (V 1.0)
26. Introduction to Information Security
Information Security Pillars:
Infocounselors
9
ISMS Implementer Course (V 1.0)
TECHNOLOGY
PROCESS
PEOPLE
27. Introduction to Information Security
Goal is to protect Information
3 components :A I - C
3 pillars: People Process Technology
Infocounselors
ISMS Implementer Course (V 1.0)
10
28. Introduction to Information Security
A holistic or enterprise information security approach is
required
Proper identification of information to be protected
Assessment of risks to information
Risk mitigation measures
Process based approach
Management system
Infocounselors
ISMS Implementer Course (V 1.0)
11
29. Introduction to Information Security
Approach towards enterprise security:
Layered defense
Infocounselors
ISMS Implementer Course (V 1.0)
12
30. Introduction to Information Security
How to proceed with implementation of a structured Information
Security Management System (ISMS)?
Proceed to Module 2 of this course..
The complete course consists of 15 modules
Infocounselors
ISMS Implementer Course (V 1.0)
13
31. Introduction to Information Security
For Feedback / Queries mail to: [email protected]
www.infocounselors.com
Course designed and delivered by:
Mumbai India
Infocounselors
ISMS Implementer Course (V 1.0)
14
