2nd Annual Information Security Conference & Workshop 12-13 May 2010, CBI Conference Centre, London BSI's Information Security conference will provide you with the very latest developments in Information Security Management best practice. Through presentations and discussions with industry experts, you'll gain a thorough understanding of the standards that will underpin and support your work. Equipped with this knowledge, you'll be able to influence your company's information security management processes at boardroom level. Key features and benefits: - Clear guidance on how to achieve the implementation of effective ISMS - Learn about and discuss latest standards developments on Information Security - Indentify steps on how to get the ISM strategy you want adopted and funded by the Board and used across your stakeholder network - Learn from industry and standards experts; how to overcome challenges through best practice and case study examples - Understand the requirements for audit and certification of ISMS - Receive a complimentary copy of BS ISO/IEC 27004:2010 Information Technology. Security Techniques. Information Security Management.Measurement Discover more at: http://shop.bsigroup.com/informationsecurity

1. For programme details, speakers,
and to book visit:
http://shop.bsigroup.com/informationsecurity
E
bo arly
Bo
ok
SA by 5 oki bird
VE Mar ngs
ch
20 20
% 10 &
!
Conference and workshop
Information Security 12 -13 May 2010
CBI Conference Centre London
Best practice and latest developments
Is your business at risk of a serious information Media partners:
security breach?
BSI's Information Security conference will provide you with the very latest
developments in Information Security Management best practice. Through
presentations and discussions with industry experts, you'll gain a thorough
understanding of the standards that will underpin and support your work.
Equipped with this knowledge, you'll be able to influence and shape your
organization’s information security management strategy.
By attending the conference you will:
• Understand how to achieve the implementation of effective ISMS
• Learn about and discuss latest standards developments on information security
• Identify how to get the ISM strategy you want adopted and funded by the Board
and used across your stakeholder network
• Hear how to overcome challenges through best practice and case study examples
from industry and standards experts.
Book now to receive a free copy of BS ISO/IEC 27004 at the conference
raising standards worldwide ™

2. Information Security
Best practice and latest developments
Conference programme 13 May 2010
Chairman’s Introduction • Assessing information security risks and Mike Softley
planning appropriate treatments Senior Consultant,
Alan Calder
CEO, David Brewer Ultima Risk Management
IT Governance Director,
Gamma Secure Systems Limited Cloud Computing – know your
Key information security rights
challenges facing organizations Assessing the effectiveness of • Security compliance
in 2010 an ISMS • The commodity, cost, liability and assurance
• The rationale for assessing effectiveness • Legal requirements
• The drivers for security
• Managing the key security risks • A simple and understandable approach Renzo Marchini
• Addressing the key security challenges • Using ISO/IEC 27004 Solicitor,
• Where organizations are investing in Paul Williams Dechert LLP
security Director,
• How organizations are leveraging new Paul Williams Consulting Managing security in outsourced
technology to support addressing the and off-shored environments
security risks The business case for • Business risks in outsourcing, off-shoring
Steve Holt BS ISO/IEC 25777 - Code of and cloud environments
Executive Director, EMEIA Financial Services, Practice for ICT Continuity • Security and legal issues throughout the
Ernst & Young LLP • Getting a business perspective outsourcing lifecycle
• Managing expectations • Strategies for due diligence, negotiation
Path to effective information and relationship management
• Ensuring value for money from investment
security management in IT continuity and resilience David Lacey
• Overview of developments in SC 27 • Embedding IT continuity in the business Director of Research,
• Implementation of ISO/IEC 27001 • Where next for BS 25777 - what does ISSA-UK
• How to achieve an effective ISMS internationalization mean?
• Auditing and certification Ron Miller Information security – the way
Angelika Plate Managing Consultant, ahead
Director, Sungard • Emerging trends – need to be more
AEXIS Security Consultants business focussed
Improving security management • IT governance & information security
by embedding BS ISO/IEC 27001 governance developments
ISMS for SMEs
• Aligning board, management and auditors
• Information security management for SMEs • Requirements for an ISMS and for those
– the emergence of a new Business Model
• Pragmatic approach to managing the risk certifying such systems
for Information Security (BMIS)
• Down to earth policies, procedures and • Developing an audit schedule and
identifying integration opportunities Vernon Poole
technical controls
• Continuous improvement - processes Head of Business Consultancy,
• Bridging the SME awareness gap Sapphire
• Getting help and requirements
• Conformity assessment for ISMS
Prof. Edward Humphreys
ISO/IEC JTC1/SC27 WG1 Convenor for ISMS Mike Softley
Standards Senior Consultant,
Prof. of ISMS standards Ultima Risk Management Conference timings
Hagenberg University of Applied Science, Registration: 09:00-09:30
Upper Austria Panel Session Conference begins: 09:30
Conference closes: 17:00
• Security training and awareness
Case Study: • How do you strengthen security at a time
Please note, timings are provided for guidance
only and may be subject to change.
when budgets are tight?
Practical guidance on
David Lacey Drinks reception: 17:00 -
implementation BS ISO/IEC 27003
Director of Research, Delegates are cordially invited to a
• Design the ISMS ISSA-UK complimentary drinks reception at the close of
• Getting management buy-in for an ISMS the conference to celebrate the publication of
project Vernon Poole BS ISO/IEC 27004. The drinks reception is an
Head of Business Consultancy, ideal forum for networking opportunities and
• Conducting information security discussing the day’s findings.
requirements analysis Sapphire
+44 (0)20 8996 9001 +44 (0)20 8996 7001 orders@bsigroup.com http://shop.bsigroup.com/informationsecurity

3. BSI Conference Series
Pre-Conference Workshop 12 May 2010
BSI’s conference workshops provide detailed learning, guidance and practical advice through
small groups and one-to-one interaction with highly skilled and knowledgeable tutors. The
Conference outline
workshops can provide a greater depth of understanding and enable you to get to grips with This conference will discuss the latest
challenging and technical subjects. developments in Information Security
Management (ISM) practice and outline
More than ever before, organizations are today aware of threats that could compromise their
how to implement or improve your ISM
information security causing possible financial loss or damage. The international standard
BS ISO/IEC 27005:2008 describes the information security risk management process and strategy. It will also give you an insight into
associated actions, and has been written to help manage these business-critical risks. requirements for certification and audit and
provide you with the practical guidance on
This is a practical, case study-based workshop on risk management, providing the practical how the implementation of standards could
hands-on implementation of the standard BS ISO/IEC 27005. help you to overcome challenges in your
everyday operation.
ISO/IEC 27001 – Risk Assessment and Management
• Introduction to risk assessment
Key speakers
ISO/IEC 27005 ISMS Risk Management
• David Lacey, Director of Research,
• Identifying security requirements ISSA-UK
• Identifying and evaluating assets • Steve Holt, Executive Director, EMEIA
• Identifying threats and vulnerabilities and the risk of exposure Financial Services, Ernst & Young LLP
• Calculating risks • Prof. Edward Humphreys, ISO/IEC
• Selecting the right risk treatment option(s) JTC1/SC27 WG1 Convenor for ISMS
• Selecting the best set of controls and producing a statement of applicability Standards, Prof. of ISMS standards,
• Risk management Hagenberg University of Applied
Angelika Plate Science, Upper Austria
Director, • Ron Miller, Managing Consultant,
AEXIS Security Consultants Sungard
Who should attend?
Workshop timings
All those in both the private and public
Registration: 09:30 Workshop begins: 10:00 Workshop closes: 16:00
sector responsible for and dealing with:
Please note, timings are provided for guidance only and may be subject to change.
• ICT/IT management, specifically
information security
• E-Commerce
About BSI Conferences • Risk
• BCM
BSI conferences bring together key players to learn about latest trends, regulations and topical
issues with opportunities for delegates to take part in open discussions and debates led by • Governance
panels of expert speakers. In addition, these conferences may have workshops running • Compliance/Audit.
alongside to provide guidance and practical advice.
With relevant and up-to-date information, presented in an accessible and appropriate manner,
you will leave one of our events better equipped to face your professional challenges and
responsibilities. All our events can be used for Continuing Professional Development (CPD).
www.bsigroup.com/conferences
Sponsorship and partner opportunities
Through BSI conferences and events your company will be able to reach your target market
and showcase your new products and solutions. If you are interested in promoting your
company, its products or services at the conference, please call 020 8996 7371 or email
conferences@bsigroup.com
If you would like to work with BSI on a contra basis as either a supporting organization
or a media partner for the conference, please call 020 8996 7497 or email
simon.anderson@bsigroup.com
+44 (0)20 8996 9001 +44 (0)20 8996 7001 orders@bsigroup.com http://shop.bsigroup.com/informationsecurity

4. Information Security FIVE EASY WAYS
Best practice and latest developments TO BOOK
London 12 -13 May 2010 – CBI Conference Centre, London
DELEGATE DETAILS Online:
http://shop.bsigroup.com/informationsecurity
1 Mr/Ms/Miss/Mrs/Dr/Other First Name(s)
Surname Email:
Job Title Organization orders@bsigroup.com
Address
Postcode Country Telephone:
Tel Fax
+44 (0)20 8996 9001
Email
BSI Membership No. (if applicable) Fax:
PRICING +44 (0)20 8996 7001
Early bird pricing
Book by 5 March 2010
Conference only*
13 May 2010
Conference & pre-conference
workshop package*
Mail:
Please ✓ your selection(s) 12-13 May 2010 Send your completed form to:
Customer Services
Standard rate Non-member £399.00 + VAT £600.00 + VAT
BSI
Standard rate Member¹ £359.10 + VAT £520.00 + VAT 389 Chiswick High Road
London
SME rate† Non-member £319.00 + VAT £520.00 + VAT
W4 4AL
SME rate† Member¹ £287.10 + VAT £468.00 + VAT Please retain a copy for your records.
Public sector/charity rate Non-member £239.00 + VAT £460.00 + VAT
Public sector/charity rate Member¹ £215.10 + VAT £414.00 + VAT
Standard pricing Conference only* Conference & pre-conference
Conference Information
Booked after 5 March 2010 13 May 2010 workshop package* Full joining instructions will be sent
upon receipt and confirmation of your
Please ✓ your selection(s) 12-13 May 2010
booking. If you have not received your
Standard rate Non-member £499.00 + VAT £750.00 + VAT confirmed instructions within 3 days,
please call Customer Services on
Standard rate Member¹ £449.10 + VAT £675.00 + VAT +44 (0)20 8996 9001 to confirm your
booking has been placed.
SME rate† Non-member £399.00 + VAT £650.00 + VAT
SME rate† Member¹ £359.10 + VAT £585.00 + VAT Terms and Conditions:
All cancellations and name change requests must be
Public sector/charity rate Non-member £299.00 + VAT £575.00 + VAT made in writing to the Head of Delegate
Administration either by email, fax or letter and will be
Public sector/charity rate Member¹ £269.10 + VAT £517.50 + VAT acknowledged in writing.
Contact details are:
Discounts: Head of Delegate Administration Customer Services
BSI
BSI members are entitled to a 10% discount. Member discount applies to members on provision of appropriate BSI Group Headquarters
membership number or booking code on conference and/or workshop bookings 389 Chiswick High Road
¹ Member discount applies to members on provision of appropriate membership number or booking code on conference London W4 4AL
and/or workshop bookings Fax: 020 8996 7001
† An SME is defined as an organization that employs fewer than 250 persons and which have an annual turnover not Email: cservices@bsigroup.com
exceeding £45.5 million.
A full refund will be given if you cancel earlier than one
If you have 5 or more delegates, please contact +44 (0)20 8996 7744 for group package rates. calendar month before the event. If you cancel after
that date or do not attend, no refund will be given.
All prices are subject to VAT at the applicable UK rate. There is no charge to request a delegate name change.
* Conference price includes one hard copy of BS ISO/IEC 27004 per delegate, subject to availability, to be given out If you are travelling from overseas we recommend you
on the day of the conference. confirm your visa (if applicable) before booking your
place.
Total Payable: £ All bookings for events are subject to VAT (or local
equivalent if the event is not held in the UK) and
payment terms of 30 days. If you are a non UK
PAYMENT DETAILS company you may be entitled to claim back the VAT
through HMRC. (see www.hmrc.gov.uk for more
information).
Cheque: Please make payable to BSI
BSI reserves the right at any time and without prior
Credit Card: Please complete as follows notice to change the venue and/or speakers and/or
programme and/or price from that described. BSI
Credit Card details: VISA MASTERCARD AMERICAN EXPRESS accepts no responsibility for the views expressed by the
speakers or any other persons present at the event.
BSI reserves the right to cancel the event, in which case
a full refund will be given. BSI does not accept liability
Credit Card No. for any travel, accommodation or any other costs.
Delegate contact details will not be passed to any third
Expiry Date Cardholder Name party; however the conference handbook will include a
list of delegate and company names correct at the time
Please debit my/our Credit Card to the sum of £ of print. The handbook is protected by copyright.
Attendees are not permitted to record any part of the
event. All conferences will be delivered in English unless
Signature Date otherwise stated.
Your contact details will be used to complete your request. We will send you relevant information about our products and
services that may be of interest to you by post or via email. If you do not wish to be kept up-to-date please tick this box.
We will never supply your information to third parties for marketing purposes. BSI handles all personal information in
compliance with the Data Protection Act 1998 and the EU Communications Directive 2002.
Sign up now to receive FREE regular email updates from BSI on conferences and training.
Register at www.bsigroup.com/newsletters 02/10
Book online at http://shop.bsigroup.com/informationsecurity