samsontamwaiho
2. Hacker, Process Failure, Contractor Problem, Employee Error, Incidents, System Failure, Service Interruption, Information Leakage
3. How many controls do we need? Security Controls
4. Introduction of Information Security Management Standards ISO 27001:2005
5. How ISMS Evolves. BS 7799-2:1999 developed to support certification. BS 7799-1:1995 Guidance Document. Obtain ISO status. ISMS. 1995 BS 7799-1; 1998 BS 7799-2; 1999 BS 7799:1999; 2000 ISO 17799:2000 (BS 7799-1); 2002 BS 7799-2:2002; 2005 ISO27001:2005
6. Aim of ISMS: Safeguarding the Confidentiality, Integrity and Availability of written, spoken and electronic information. Confidentiality, Availability, Integrity
7. What is the ISMS Standard about? DO: Implement & Operate ISMS. ACT: Maintain & Improve ISMS. Annex A 133 Controls. Management Clause 4 ~ 8. CHECK: Monitor & Review ISMS. PLAN: Establish ISMS
8. What is the Risk Assessment about? Risk, Threat, Risk Treatment, Vulnerabilities, Asset, Acceptable Level
9. Why ISO27001. ISO17799 & ISO27001
10. Benefits of implementing ISO27001
11. ISO 27001 & ISO 27002. Australia, Brazil, Canada, Denmark, Germany, Iceland, India, Ireland, Malaysia, Netherlands, New Zealand, Czech Republic, Taiwan, Japan, Korea, Norway, Poland, Singapore, South Africa, Sweden, Switzerland, UK, UAE
12. Benefits of Implementing ISO27001. ISO17799 & ISO27001
13. Benefits of implementation
14. Benefits of implementation (cont)
15. How ISO27001 helps and improves Infosec at the workplace. ISO17799 & ISO27001
16. ISO 27001 helps to improve infosec
17. ISO 27001 helps to improve infosec
18. Security Controls: 11 Control Areas, 39 Control Objectives (Security Categories), 133 Controls
19. Why ISO 27001 Certified. ISO17799 & ISO27001
20. Benefits of certifying ISO27001
21. Benefits of certifying ISO27001. Increasing Confidence - externally (customers / interest parties) & - internally (management & staff). Increase competitive edge. Demonstrate commitment to information security
22. Benefits of certifying ISO27001
23. Introduction of ISO 27001 Certification Scheme. ISO17799 & ISO27001
24. BSI Route to Certification. Next Verification visit decided by Verifier. Max 3 year audit cycle. Max possible interim 12 months. Pre-Application Questionnaire Quotation Application Stage 1: Assessment Certification 3-Year cycle Surveillance Assessment 3rd Year Re-assessment Optional Pre-assessment Gap Analysis & / or Stage 2: Assessment
25. CUSTOMER PROFILE WITH BS 7799 / ISO 27001 CERTIFICATIONS. Over 45% market share in the world
26. For more ISO17799 & ISO27001, please contact our Sales, Marketing & Training Department. Tel: +852 3149-3300 / 3149-3320 Fax: +852 2743-8727 / 8343-7336 Email mkt. [email_address]
27. More about ISO 27000:2005 International Standard Series. Still in Development, Available now / soon, Future new product development