Scribd Logo
Upload

Welcome to Scribd!

  • ISMS Workpractice

    Uploaded by

    水雲
    135 views10 pages
    ISMS

    Original Title

    ISMS Workpractice.ppt

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    ISMS

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    135 views10 pages

    ISMS Workpractice

    Uploaded by

    水雲
    ISMS

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    Information Security Management System

    Information & Information Security


    Information is an asset Essential Asset to meet Organizations Business Objectives Information Security is the protection of Confidentiality Integrity & Availability

    Why Information Security


    Business Interconnectivity Need Of Time More interconnectivity = Information is exposed to more audience More exposure = Information exposed to more varieties of Threats & Vulnerabilities Business Impacts on realization of threat Loss of Business, Legal actions, disrepute

    Implementing Information Security


    Identify the Security Requirements of the organization
    Business Objectives

    Legal Statutory Requirements

    Contractual Requirements

    Implementing Information Security


    Selecting Controls Controls to be implemented selected based on Security Requirement Analysis Implementing Controls Organizational Policy Procedures Reviewing Controls Testing controls ( e.g. Vulnerability Assessment, Penetration Testing etc) Review as part of incident response (e.g. Virus attack, Hacker attack etc) Periodic Internal Audits

    How may we help you


    Consulting Services Information Security Management System (ISMS) BS 7799 (ISO 27001) BS 7799 (ISO 27001) Gap Analysis Information Security Policies & Procedures Formulation Risk Assessment Business Continuity Plan (BCP) Disaster Recovery Plan (DRP) Control Objectives for Information and Related Technology (COBIT)

    How may we help you


    Technical Services
    Vulnerability Assessment & Penetration Testing Network Security Architecture Review & Design Technical Audit Application Security Testing Wireless Security Audit Computer Forensics Desktop Audit

    How may we help you


    Managed Security Services - as per clients security policy

    Defining Security Policies for different security components. Identifying vulnerabilities and the risks Alerts and counter measure for potential threats. Log & Event Analysis. Pattern Monitoring and Intrusion trend Analysis Implementation of patches & upgrades Update of latest signatures for IDS and Anti-virus Incident Management Periodic audits Review organizations security policy Prepare activity list as per the organization security policy Monitor and review the implementation of policies. Incident Management Suggesting corrective and preventive measures Presentation to the steering committee Identify improvements in the ISMS and implement recommendations

    Question Answer Session

    Thank You !!

    You might also like