Information Security and Need of ISMS

iFour Consultancy Information Security & Need of ISMS

Upload: ankita-lachhwani

Post on 14-Apr-2017


Category: Technology



TRANSCRIPT

Page 1: Information security and Need of isms

iFour Consultancy

Information Security & Need of ISMS

Page 2: Information security and Need of isms

What is Information

Information may be considered as:

- Resource
- Commodity
- Perception of Pattern
- Constitutive force in society

'Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected'

- BS ISO 27002:2005

Software application development India

Page 3: Information security and Need of isms

What is Information Security

The protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information

Tools, such as policy, awareness, training, education, and technology are necessary


Page 4: Information security and Need of isms

Information Security (Contd)

ISO 27002:2005 defines Information Security as the preservation of:

Confidentiality: Ensuring that information is accessible only to those authorized to have access

Integrity: Safeguarding the accuracy and completeness of information and processing methods

Availability: Ensuring that authorized users have access to information and associated assets when required


Page 5: Information security and Need of isms

Information Security Management System (ISMS)

An Information Security Management System (ISMS) is a systematic and structured approach to managing information so that it remains secure.

ISMS implementation includes policies, processes, procedures, organizational structures, and software and hardware functions.


Page 6: Information security and Need of isms

Need of ISMS

Increasing THREATS such as fraud, espionage, fire, flood and sabotage from a wide range of sources

Need to look at information security from a HOLISTIC PERSPECTIVE

Systematic approach


Page 7: Information security and Need of isms

ISMS standards

ISO/IEC 27001:2005 Information technology — Security techniques — Information security management systems — Requirements

ISO/IEC 27002:2005 Information technology — Security techniques — Code of practice for information security management


Page 8: Information security and Need of isms

ISO/IEC 27001:2005 – PDCA Model

Plan: Establish ISMS

Do: Implement & operate the ISMS

Check: Monitor & Review ISMS

Act: Maintain & Improve ISMS

http://cnii.cybersecurity.my/main/isms-what.html


Page 9: Information security and Need of isms

ISO/IEC 27002:2005 – Security Areas

- Security Policy
- Organizing Information Security
- Asset Management
- Human Resource Security
- Physical and Environmental Security
- Communications and Operations Management
- Access Control
- Information System Acquisition, Development & Maintenance
- Information Security Incident Management
- Business Continuity Management
- Compliance

http://cnii.cybersecurity.my/main/resources/ISMS.pdf


Page 11: Information security and Need of isms

For more details, visit http://www.ifour-consultancy.com


Page 12: Information security and Need of isms

THANK YOU
