BSI Management System. Beata Tang, BSI Product Manager. Introduction of an International Practise to Enhance Information Security
Incidents: Hacker, Process Failure, Contractor Problem, Employee Error, System Failure, Service Interruption, Information Leakage
How many controls do we need? Security Controls
Introduction of Information Security Management Standards: ISO 27001:2005
How ISMS Evolves. BS 7799-2:1999 developed to support certification; BS 7799-1:1995 Guidance Document; Obtain ISO status. ISMS timeline: 1995 BS 7799-1; 1998 BS 7799-2; 1999 BS 7799:1999; 2000 ISO 17799:2000 (BS 7799-1); 2002 BS 7799-2:2002; 2005 ISO27001:2005
Aim of ISMS: Safeguarding the Confidentiality, Integrity and Availability of written, spoken and electronic information. Confidentiality, Availability, Integrity
What is the ISMS Standard about? PLAN: Establish ISMS. DO: Implement & Operate ISMS. CHECK: Monitor & Review ISMS. ACT: Maintain & Improve ISMS. Annex A: 133 Controls. Management Clause 4 ~ 8
What is the Risk Assessment about? Risk, Threat, Risk Treatment, Vulnerabilities, Asset, Acceptable Level
Why ISO27001 ISO17799 & ISO27001
Benefits of implementing ISO27001
ISO 27001 & ISO 27002. Australia, Brazil, Canada, Denmark, Germany, Iceland, India, Ireland, Malaysia, Netherlands, New Zealand, Czech Republic, Taiwan, Japan, Korea, Norway, Poland, Singapore, South Africa, Sweden, Switzerland, UK, UAE
Benefits of Implementing ISO27001 ISO17799 & ISO27001
Benefits of implementation
Benefits of implementation (cont)
How ISO27001 helps and improves Infosec at the workplace ISO17799 & ISO27001
ISO 27001 helps to improve infosec
ISO 27001 helps to improve infosec
Security Controls: 11 Control Areas, 39 Control Objectives (Security Categories), 133 Controls
Why ISO 27001 Certified ISO17799 & ISO27001
Benefits of certifying ISO27001
Benefits of certifying ISO27001: Increasing Confidence - externally (customers / interest parties) & - internally (management & staff); Increase competitive edge; Demonstrate commitment to information security
Benefits of certifying ISO27001
Introduction of ISO 27001 Certification Scheme ISO17799 & ISO27001
BSI Route to Certification. Next Verification visit decided by Verifier. Max 3 year audit cycle. Max possible interim 12 months. Pre-Application Questionnaire; Quotation; Application; Stage 1: Assessment; Certification; 3-Year cycle; Surveillance Assessment; 3rd Year Re-assessment; Optional Pre-assessment; Gap Analysis & / or; Stage 2: Assessment
CUSTOMER PROFILE WITH BS 7799 / ISO 27001 CERTIFICATIONS. Over 45% market share in the world …
For more ISO17799 & ISO27001 Please contact our: Sales, Marketing & Training Department. Tel: +852 3149-3300 / 3149-3320 Fax: +852 2743-8727 / 8343-7336 Email mkt. [email_address]
More about ISO 27000:2005 International Standard Series: Still in Development; Available now / soon; Future new product development

Iso27001 Isaca Seminar (23 May 08)
