ISO 27001 - IMPLEMENTATION CONSULTING

883 views

Published on

ISO 27001 - IMPLEMENTATION CONSULTING

Published in: Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
883
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
29
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

ISO 27001 - IMPLEMENTATION CONSULTING

  1. 1. Techserv ISO 27001 Executive Brief ISO 27001 IT / IS SECURITY Our Approach Ownership . Practical . Effective “Promoting Systems Integrity”
  2. 2. Effective information security systems incorporate a range of policies, security products, technologies and “If you think technology can procedures. Software applications which provide solve your security problems, firewall information security and virus scanners are not then you don't understand the enough on their own to protect information. A set of problems and you don't procedures and systems needs to be applied to understand the technology.” effectively deter unauthorized access to information assets. Companies face threats to their employees, systems, “Security must begin at the top operations, and information every day. These threats of an organization. It is a include computer viruses, network attacks, fraud, leadership issue, and the chief industrial espionage, and even natural disasters. executive must set the example. — heard at a security conference” “One of the tests of leadership is the ability to recognize a 10 questions to sensitize problem before it becomes an emergency” the IT / IS Security … 1. Does anyone in the management identify the disgruntled employee before he does any harm to company’s business? 2. Does management aware what is the current exposure on information security? 3. Would people recognize a security incident when they saw one? Would they ignore it? Would they know what to do about it? 4. Does anyone know how many computers the company owns? Would management know if some went missing? 5. Does anyone know how many people are using the organization’s systems? Does anybody care whether they are allowed or not, or what they are doing? 6. Did the company suffer from the latest virus attack? How many did it have last year? 7. What are the most critical information assets of the enterprise? Does management know where the enterprise is most vulnerable? 8. Is management concerned that company confidential information can be leaked? 9. Has the organization ever had its network security checked by a third party? 10. Is IT security a regular agenda item on IT management meetings?
  3. 3. Techserv is absolutely committed to helping people and organizations grow and succeed. Guided by our fundamental belief of integrity and professionalism, we promise a best client experience. By applying our rich expertise and our I focused methodologies, we will provide honest advice to help you reach your business objectives and transform challenges into new possibilities. OUR IT SECURITY ASSURANCE APPROACH IS DRIVEN BY ….. LAWS & BUSINESS GOALS COBIT REGULATIONS ISO 27001 Effectiveness Deals with information being relevant and pertinent to the business process as well as being delivered in a timely, correct, consistent and usable manner. Efficiency Concerns the provision of information through the optimal (most productive and economical) use of resources. Confidentiality Concerns the protection of sensitive information from unauthorized disclosure. Integrity Relates to the accuracy and completeness of information as well as to its validity in accordance with business values and expectations. Availability Relates to information being available when required by the business process now and in the future. It also concerns the safeguarding of necessary resources and associated capabilities. Compliance Deals with complying with the laws, regulations and contractual arrangements to which the business process is subject, i.e., externally imposed business criteria as well as internal policies. Reliability relates to the provision of appropriate information for management to operate the entity and exercise its fiduciary and governance responsibilities.
  4. 4. TECHSERV’S IT SECURITY METHODOLOGY …. IT/IS GOVERNANCE PROPOSAL AWARENESS PLAN PROJECT NEEDS PROGRAMME KICK-OFF ENVISION RISK IDENTIFY SOLUTION ARCHITECTURE ASSESSMENT CONTROLS DESIGN DESIGN DESIGN CONTROLS PLANNING CONTROLS IMPLEMENT TRAINNING IMPLEMENT AUDIT SOLUTION OPERATIONLIZE SOLUTION IMPROVEMENTS MEASURE Arul nambi Cell +91 9892504538 Tel. 91 – 22 – 28573170 E-MAIL : aruln@techservconsult.com www.techservconsult.com “Promoting Systems Integrity”

×