ISO 27001 Benefits
Short PowerPoint presentation for management that describes the benefits of ISO 27001 and the process of its implementation.

Published in: Technology, Business
Transcript

  • 1. Benefits of ISO 27001
  • 2. About ISO 27001
      • Leading international standard for information security management
      • By the end of 2009, more than 12,000 organizations worldwide were certified against this standard
      • Its purpose is to protect the confidentiality, integrity and availability of information
  • 3. ISO 27001
      • It is not a technical standard that describes the ISMS in technical detail
      • It does not focus only on information technology, but also on other important assets of the organization
  • 4. ISO 27001
      • Focuses on all business processes and business assets
      • Focuses on reducing the risks to information that is valuable to the organization
      • Information may or may not be related to information technology, and may or may not be in digital form
  • 5. ISO 27001 benefits
      • Better organizational image because of the certificate issued by the certification body
      • Lower costs because of the avoided risks
      • Operations in the organization run more smoothly because responsibilities and business processes are clearly defined
  • 6. Process of ISO 27001 implementation
      • Phase 1 - Planning
      • Phase 2 - Implementing
      • Phase 3 - Checking
      • Phase 4 - Improving
  • 7. Planning the ISMS
      • Policy and objectives
      • Risk assessment & risk treatment
      • Risk Assessment Report
      • Statement of Applicability
  • 8. Implementing the ISMS
      • 4 mandatory procedures
      • Risk Treatment Plan
      • Implement all controls
      • Conduct training and awareness activities
  • 9. Checking the ISMS
      • Execute monitoring and reviewing procedures
      • Measure the effectiveness of controls
      • Internal audit
      • Management review
  • 10. Improving the ISMS
      • Corrective actions
      • Preventive actions
  • 11. Requirements for successful implementation
      • Management support (available people + funding)
      • Project team
      • Awareness of employees
  • 12. Duration of implementation
      • For very small organizations (fewer than 10 employees) - up to 4 months
      • For small organizations (10 to 50 employees) - up to 8 months
      • For mid-sized organizations (50 to 500 employees) - up to 12 months
      • For large organizations (500 or more employees) - up to 18 months
  • 13. Cost of implementation
      • It is not possible to calculate the cost before the risk assessment is completed and the applicable controls are identified
      • The majority of the investment is usually not in technology, but in the employees who implement the ISMS (invested time + training)
  • 14. For more useful information: www.iso27001standard.com
