• Introduction
• Scope
• Normative References
• Terms and Definitions
• Information Security Management System
• Management Responsibility
• Management review of the ISMS
• ISMS improvement
Saturday, January 24, 2009
1 day awareness course for ISO 27001
This seminar, run in association with BSI Business Information), introduces delegates to the features and benefits (of adoption) of the ISO/IEC 27000 Standards (including ISO/IEC 17799).
The International Standard ISO/IEC 17799:2005 is the latest code of practice for information security management. It provides a complete set of guidelines for an effective information security management system (ISMS).
It is essential guidance to help you manage an effective information security policy. It offers a common basis to enable an organization to develop, implement and measure effective security management practice.
The International Standard ISO/IEC 17799:2005 is the latest code of practice for information security management. It provides a complete set of guidelines for an effective information security management system (ISMS).
It is essential guidance to help you manage an effective information security policy. It offers a common basis to enable an organization to develop, implement and measure effective security management practice.
ISO27002 SECTION 14: BCP REVIEW
Business continuity planning is covered by section 14 of the 27002 standard, a core requirement of which is the creation and maintenance of a business continuity plan.
Creating such a plan from scratch is a difficult undertaking of course. This is one reason why software products were produced. Unfortunately these often become problematic in themselves... difficult to learn, expensive, etc.
Recent times have therefore seen a move to simplification, with organizations keen to avoid adding complexity to an already complex task. At the vanguard of this change was a product developed entirely in MS-Word: The BCP Generator.
This was designed from top down to simplify business continuity planning. It comprises two components: a plan template and an interactive guide (the latter using Word macros to jump to and fro into the correct part of the template). It's impact upon the business continuity scene has been substantial, with organizations from the very largest to the smallest embracing the tool and its concepts. It is in active use in over 40 countries.
Creating such a plan from scratch is a difficult undertaking of course. This is one reason why software products were produced. Unfortunately these often become problematic in themselves... difficult to learn, expensive, etc.
Recent times have therefore seen a move to simplification, with organizations keen to avoid adding complexity to an already complex task. At the vanguard of this change was a product developed entirely in MS-Word: The BCP Generator.
This was designed from top down to simplify business continuity planning. It comprises two components: a plan template and an interactive guide (the latter using Word macros to jump to and fro into the correct part of the template). It's impact upon the business continuity scene has been substantial, with organizations from the very largest to the smallest embracing the tool and its concepts. It is in active use in over 40 countries.
ISO/IEC 27001
IT security now also available in German. So far, the central standard for information security management systems (ISMS), ISO/IEC 27001:2005, has only been available in English. Now the standard is also available as a draft in German with the number DIN ISO/IEC 27001:2007-02. The standard defines the requirements for the implementation, surveillance and maintenance of a documented ISMS, which can be certified according to this standard. The key element is the comprehensive risk management system. The standard additionally specifies the systematic structure of a management system, which focuses on application of a process approach, and establishes the prerequisites for an integrated system: ISO 27001 is structured similarly to ISO 9001 and ISO 14001.
Subscribe to:
Posts (Atom)