Scribd Logo
Upload

Welcome to Scribd!

  • 137 views

    ISO 27001-2005 Awareness

    Uploaded by

    qadir147
    The document provides an overview of the ISO 27001 information security standard, outlining key concepts like information assets, information security, the 11 domains addressed in ISO 27001, and the benefits of compliance such as effective controls and market differentiation.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd

    ISO 27001-2005 Awareness

    Uploaded by

    qadir147
    137 views14 pages
    The document provides an overview of the ISO 27001 information security standard, outlining key concepts like information assets, information security, the 11 domains addressed in ISO 27001, and the benefits of compliance such as effective controls and market differentiation.

    Original Description:

    ISO 27001-2005 Awareness

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document provides an overview of the ISO 27001 information security standard, outlining key concepts like information assets, information security, the 11 domains addressed in ISO 27001, and the benefits of compliance such as effective controls and market differentiation.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Download as ppt, pdf, or txt
    137 views14 pages

    ISO 27001-2005 Awareness

    Uploaded by

    qadir147
    The document provides an overview of the ISO 27001 information security standard, outlining key concepts like information assets, information security, the 11 domains addressed in ISO 27001, and the benefits of compliance such as effective controls and market differentiation.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Download as ppt, pdf, or txt
    of 14

    ISO 27001:2005

    Information Security Standard


    A brief Overview

    Information
    Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected. Printed or written on paper Stored electronically Transmitted by mail or electronic means Spoken in conversations

    What is Information Security


    ISO 27001 defines this as preservation of:

    Achieving Information Security


    4 Ps of Information Security

    3 Basic Principles for ISMS


    Confidentiality
    Ensuring that information is accessible only to those authorised to have access. Safeguarding the accuracy and completeness of information and processing methods. Ensuring that authorised users have access to information and associated assets when required.

    Integrity

    Availability

    ISMS Relationships
    11 Domains of ISO27001

    Procedural

    Technical

    Information Assets Physical Integrity

    People

    2006 IBM Corporation

    11 Domains of ISO 27001


    1.
    2. 3.

    Security Policy
    Organization of Information Security Asset Management

    4.
    5. 6.

    Human Resources Security


    Physical & Environmental Security Access Control

    7.
    8. 9.

    Communications & Operations Management


    Information Systems acquisition, development and maintenance Compliance

    10. Business Continuity Management


    11. Information Security Incident management

    What is ISO 27001?


    International Standard for Information Security Management

    Specifications for Information Security Management


    Code of practice for Information Security Management Can be Certified by Certification Bodies Applicable to all industry sectors

    ISO 27001 Drivers

    Corporate Governance
    Increased Risk Awareness Competition Customer Expectation

    Market Expectation
    Market Image Legislative drivers

    Reasons for seeking Certification according to BSI-DISC Survey

    Few Benefits of Compliance


    Effective Controls of Information Security Market Differentiation Confidence to trading partners,stakeholders and
    customers

    ONLY standard with global acceptance

    Legislative Compliance

    ISO 27001:2005 PDCA

    ISO 27001 can be..


    Without genuine support from the top- a Failure
    Without proper implementation-a burden With full support,proper implementation and
    ongoing commitment a

    major benefit

    ISO 27001:2005 Information Security

    GSDC certified against ISO/IEC 27001:2005 standard


    - 27 April 2006

    ITD GD completed the 1st Surveillance Audit March


    2007

    ITD GD is scheduled for the combined 2nd & 3rd


    Surveillance Audit 24th to 26th March 2008

    THANK YOU

    You might also like