2. Mahindra Special Services Group
- Part of the $6.7bn Mahindra Group
- Corporate Security Risk Consulting
- Aim is to become a leading player in de-risking solutions
- Dinesh Pillai is the current CEO
4. Information
- Facts or knowledge provided or learned [Oxford Dictionary]
- Inversely proportional to probability of occurrence of an event
5. CIA Triad
- Confidentiality: only those authorized have access to information
- Integrity: accuracy and completeness of information and processing methods
- Availability: ensuring that authorized users have access to information and associated assets
6. ISMS
- Stands for Information Security Management Systems
- Set of policies for information security management
- ISMS standards typically follow the Deming Cycle: Plan, Do, Check, Act
7. Current ISMS standards
- ISO/IEC 27001 – being followed at MSSG
- COBIT
- ITIL
- Information Security Forum’s Standard of Good Practice
- SSE-CMM
- Information Security Management Maturity Model
8. ISO/IEC 27001
- Formal specification to bring IS under explicit management control
- Examination of the organization’s IS risks
- Design and implementation of IS controls
- Continuous monitoring
9. PDCA in ISO/IEC 27001
- Plan: Design and establish
- Do: Implement and operate
- Check: Monitor and review
- Act: Update and improve
10. Proposed project
- Review of the prevalent ISMS standards
- Best practices of successful ISMS implementations
- Best practices of ISMS audit
- ISMS maturity levels in various industries in India
11. How will I go about it
- Detailed study of the major ISMS standards
- Study of the various ISMS consulting assignments at MSSG
- Best practices documents
12. Readings & References
- MSSG corporate factsheet
- SSE-CMM: http://www.sse-cmm.org/index.html
- State-of-the-art information security management systems with ISO/IEC 27001:2005 – ISO Insider
- ISM3 Consortium - http://www.ism3.com/
- Assessment Methodology on Maturity Levels of ISMS, by Leem, Kim and Lee
- Common defects in ISMS of Korean companies, by Kwon, Jang, Lee, Kim
- A study of the certification of ISMS, by Fung, Farn, Lin