This presentation focuses on the management clauses of ISO 27001:2013 standards.
The management clause 6 of ISMS framework relates to 'Support'. - by Software development company in india http://www.ifourtechnolab.com/
2. - This will include following
Resources
Competence
Awareness
Communication
Documented Information
Topics covered
Application development company Indiahttp://www.ifourtechnolab.com
3. Resources:
o Organization should determine resources which are needed in the
establsishment,implementation,maintenance of the information security
management system
Clause 7.1
Application development company Indiahttp://www.ifourtechnolab.com
4. Competence:
o Necessary competence of person(s) that affects it performance
o Competent on the basis on education, training and experience
o Retain appropriate documented information as evidence of competence
Clause 7.2
Application development company Indiahttp://www.ifourtechnolab.com
5. Awareness:
Person should be aware of:
o The information security policy
o Contribution of ISMS and benefits of improved information security performance.
o Implications of not conforming ISMS requirements.
Clause 7.3
Application development company Indiahttp://www.ifourtechnolab.com
6. Communication:
Determine need for internal and external communication relevant to the ISMS
o On what to communicate
o When to communicate
o With whom to communication
o Who shall communicate
o The process by which communication shall be effected
Clause 7.4
Application development company Indiahttp://www.ifourtechnolab.com
7. Documented information:
- Organization should include
o General documentation required for this international standards
o Documented information determined by the organization as being necessary for
the effectiveness of the ISMS.
Clause 7.5
Application development company Indiahttp://www.ifourtechnolab.com
8. Note: it may differ from organization to organization due to:
o Size of the organization
o Complexity of processes
o The competence of persons
Clause 7.5(Continue..)
Application development company Indiahttp://www.ifourtechnolab.com
9. While creating and updating documents organization should ensure that
o Identification and description
o Format
o Review and approval for suitability and adequacy
Clause 7.5(Continue..)
Application development company Indiahttp://www.ifourtechnolab.com
10. Control of documented information:
o It is suitable for use, where and when it is needed
o it is adequately protected
o Distribution,access,retrieval and use
o Storage
o Control of changes
o Retention and disposition
Clause 7.5(Continue..)
Application development company Indiahttp://www.ifourtechnolab.com