1. BSI Management System Beata Tang BSI Product Manager Introduction of an International Practise to Enhance Information Security

2. Hacker Process Failure Contractor Problem Employee Error Incidents System Failure Service Interruption Information Leakage

3. How many controls do we need? Security Controls

4. Introduction of Information Security Management Standards ISO 27001:2005

5. How ISMS Evolves BS 7799-2:1999 developed to support certification BS 7799-1:1995 Guidance Document Obtain ISO status ISMS 1995 BS 7799-1 1998 BS 7799-2 1999 BS 7799:1999 2000 ISO 17799:2000 (BS 7799-1) 2002 BS 7799-2:2002 2005 ISO27001:2005

6. Aim of ISMS Safeguarding the Confidentiality , Integrity and Availability of written , spoken and electronic information . Confidentiality Availability Integrity

8. What is the Risk Assessment about ? Risk Threat Risk Treatment Vulnerabilities Asset Acceptable Level

9. Why ISO27001 ISO17799 & ISO27001

12. Benefits of Implementing ISO27001 ISO17799 & ISO27001

15. How ISO27001 help and improve Infosec at workplace ISO17799 & ISO27001

19. Why ISO 27001 Certified ISO17799 & ISO27001

21. Benefits of certifying ISO27001 Increasing Confidence - externally (customers / interest parties) & - internally (management & staff) Increase competitive edge Demonstrate commitment to information security

23. Introduction of ISO 27001 Certification Scheme ISO17799 & ISO27001

24. BSI Route to Certification Next Verification visit decided by Verfier. Max 3 year audit cycle. Max possible interim 12 months Pre-Application Questionnaire Quotation Application Stage 1: Assessment Certification 3-Year cycle Surveillance Assessment 3 rd Year Re-assessment Optional Pre-assessment Gap Analysis & / or Stage 2: Assessment

25. CUSTOMER PROFILE WITH BS 7799 / ISO 27001 CERTIFICATIONS Over 45% market share in the world …

26. For more ISO17799 & ISO27001 Pease contact our: Sales, Marketing & Training Department Tel: +852 3149-3300 / 3149-3320 Fax: +852 2743-8727 / 8343-7336 Email mkt. [email_address]