SlideShare a Scribd company logo

Manage your Information Security Management System (ISMS) with Odoo

Maxime Chambreuil
Maxime Chambreuil

Manage your Information Security Management System (ISMS) with Odoo

Technology
1 of 8
Download to read offline
Manage your ISO27001-certified ISMS with Odoo By Maxime Chambreuil
Speaker Odoo Practice Leader & Quality, Environment and Security Director at Savoir-faire Linux, Odoo Gold Partner in Canada Vice-President of the Odoo Community Association
Agenda Background EBIOS Terms and definitions Demo
Savoir-faire Linux | Maxime Chambreuil 4 Background › Context @ Savoir-faire Linux • New markets: Military, aerospace and aeronautics • New projects: new product design and development • Couple security issues › Requirement for an information security management system (ISMS) › Information security analysis performed using EBIOS methodology › Management systems supported by Odoo (v7) and certified • Quality (ISO 9001) • Environment (ISO 14001)
| Maxime Chambreuil › Stands for « Expression des Besoins et Identification des Objectifs de Sécurité ». Expression of Needs and Identification of Security Objectives › Method for analysis, evaluation and action on risks relating to information systems › Created in 1995 and maintained by the French Ministry of Defense › Defines 5 steps EBIOS Context Study Feared Security Events Risk Analysis Threat Scenarios Security Controls
| Maxime Chambreuil Terms and definitions › Primary Asset: Important and valuable information • List of credit card numbers › Supporting Asset: Resource supporting the primary assets • Server hosting the database › Threat Source: the threat agent, i.e. thing or person at the origin of the threat • A hacker › Controls: Means to manage a security risk • Maintain and update the backup server › Vector: Scenario describing operations • A hacker exploits a vulnerability to connect to the backup server and takes a copy of the database › Feared Event: i.e. potential exposure, a generic scenario representing a feared situation • The hacker gets the list of credit card numbers and publish it
Savoir-faire Linux | 7 Thanks to the OCA Sponsors http://www.odoo-community.org
Savoir-faire Linux | 8 +1 (514) 276-5468 contact@savoirfairelinux.com http://www.savoirfairelinux.com

Recommended

ISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 ImplementationISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 Implementationhimalya sharma
 
Iso 29001 white paper lakshy rev02_17022015 low
Iso 29001 white paper lakshy rev02_17022015 lowIso 29001 white paper lakshy rev02_17022015 low
Iso 29001 white paper lakshy rev02_17022015 lowLakshy Management Consultant Pvt Ltd
 
Iso 28000 supply chain white paper lakshy rev02_17022015 low.pdf
Iso 28000 supply chain white paper lakshy rev02_17022015 low.pdfIso 28000 supply chain white paper lakshy rev02_17022015 low.pdf
Iso 28000 supply chain white paper lakshy rev02_17022015 low.pdfLakshy Management Consultant Pvt Ltd
 
Integrating Multiple IT Security Standards
Integrating Multiple IT Security StandardsIntegrating Multiple IT Security Standards
Integrating Multiple IT Security StandardsMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
ISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRCISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRCPECB
 
All you wanted to know about iso 27000
All you wanted to know about iso 27000All you wanted to know about iso 27000
All you wanted to know about iso 27000Ramana K V
 
Iso iec 27032 foundation - cybersecurity training course
Iso iec 27032 foundation - cybersecurity training courseIso iec 27032 foundation - cybersecurity training course
Iso iec 27032 foundation - cybersecurity training courseMart Rovers
 
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowPECB
 

Recommended

ISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 ImplementationISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 Implementationhimalya sharma
 
Iso 29001 white paper lakshy rev02_17022015 low
Iso 29001 white paper lakshy rev02_17022015 lowIso 29001 white paper lakshy rev02_17022015 low
Iso 29001 white paper lakshy rev02_17022015 lowLakshy Management Consultant Pvt Ltd
 
Iso 28000 supply chain white paper lakshy rev02_17022015 low.pdf
Iso 28000 supply chain white paper lakshy rev02_17022015 low.pdfIso 28000 supply chain white paper lakshy rev02_17022015 low.pdf
Iso 28000 supply chain white paper lakshy rev02_17022015 low.pdfLakshy Management Consultant Pvt Ltd
 
Integrating Multiple IT Security Standards
Integrating Multiple IT Security StandardsIntegrating Multiple IT Security Standards
Integrating Multiple IT Security StandardsMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
ISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRCISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRCPECB
 
All you wanted to know about iso 27000
All you wanted to know about iso 27000All you wanted to know about iso 27000
All you wanted to know about iso 27000Ramana K V
 
Iso iec 27032 foundation - cybersecurity training course
Iso iec 27032 foundation - cybersecurity training courseIso iec 27032 foundation - cybersecurity training course
Iso iec 27032 foundation - cybersecurity training courseMart Rovers
 
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowPECB
 
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...himalya sharma
 
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and DifferencesCMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and DifferencesPECB
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)samsontamwaiho
 
20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)Peter GEELEN ✔
 
ISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to knowISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to knowPECB
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
ISO/IEC 27001:2013
ISO/IEC 27001:2013ISO/IEC 27001:2013
ISO/IEC 27001:2013Ramiro Cid
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromMart Rovers
 
Get iso 27000 certification in 7 steps
Get iso 27000 certification in 7 stepsGet iso 27000 certification in 7 steps
Get iso 27000 certification in 7 stepsBen Pournader
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowPECB
 
Why ISO27001 For My Organisation
Why ISO27001 For My OrganisationWhy ISO27001 For My Organisation
Why ISO27001 For My OrganisationVigilant Software
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness TrainingDr Madhu Aman Sharma
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001Imran Ahmed
 
ISO 27001 - three years of lessons learned
ISO 27001 - three years of lessons learnedISO 27001 - three years of lessons learned
ISO 27001 - three years of lessons learnedJisc
 
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardQuick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardPECB
 
Security domains
Security domainsSecurity domains
Security domainsAdel J. Shtayyeh
 
How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...Hernan Huwyler, MBA CPA
 
Mr. ahmed obaid the ceo guide to implement iso 27001
Mr. ahmed obaid the ceo guide to implement iso 27001Mr. ahmed obaid the ceo guide to implement iso 27001
Mr. ahmed obaid the ceo guide to implement iso 27001qualitysummit
 
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...PECB
 
Friday Forum ISO 27001: 2013
Friday Forum ISO 27001: 2013Friday Forum ISO 27001: 2013
Friday Forum ISO 27001: 2013APEXMarCom
 
Information security-management-system
Information security-management-systemInformation security-management-system
Information security-management-systemintellisenseit
 
Information systems 365 lecture four - Security Policy Development, Data Clas...
Information systems 365 lecture four - Security Policy Development, Data Clas...Information systems 365 lecture four - Security Policy Development, Data Clas...
Information systems 365 lecture four - Security Policy Development, Data Clas...Nicholas Davis
 

More Related Content

What's hot

ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...himalya sharma
 
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and DifferencesCMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and DifferencesPECB
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)samsontamwaiho
 
20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)Peter GEELEN ✔
 
ISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to knowISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to knowPECB
 
ISO/IEC 27001:2013
ISO/IEC 27001:2013ISO/IEC 27001:2013
ISO/IEC 27001:2013Ramiro Cid
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromMart Rovers
 
Get iso 27000 certification in 7 steps
Get iso 27000 certification in 7 stepsGet iso 27000 certification in 7 steps
Get iso 27000 certification in 7 stepsBen Pournader
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowPECB
 
Why ISO27001 For My Organisation
Why ISO27001 For My OrganisationWhy ISO27001 For My Organisation
Why ISO27001 For My OrganisationVigilant Software
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001Imran Ahmed
 
ISO 27001 - three years of lessons learned
ISO 27001 - three years of lessons learnedISO 27001 - three years of lessons learned
ISO 27001 - three years of lessons learnedJisc
 
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardQuick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardPECB
 
How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...Hernan Huwyler, MBA CPA
 
Mr. ahmed obaid the ceo guide to implement iso 27001
Mr. ahmed obaid the ceo guide to implement iso 27001Mr. ahmed obaid the ceo guide to implement iso 27001
Mr. ahmed obaid the ceo guide to implement iso 27001qualitysummit
 
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...PECB
 
Friday Forum ISO 27001: 2013
Friday Forum ISO 27001: 2013Friday Forum ISO 27001: 2013
Friday Forum ISO 27001: 2013APEXMarCom
 

What's hot (20)

ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
ISO 27001 Training | ISO 27001 Internal Auditor Training | ISMS Internal Audi...
 
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and DifferencesCMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
CMMC, ISO/IEC 27701, and ISO/IEC 27001 — Best Practices and Differences
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)
 
20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)
 
ISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to knowISO/IEC 27701 vs GDPR: What you need to know
ISO/IEC 27701 vs GDPR: What you need to know
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
 
ISO/IEC 27001:2013
ISO/IEC 27001:2013ISO/IEC 27001:2013
ISO/IEC 27001:2013
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interprom
 
Get iso 27000 certification in 7 steps
Get iso 27000 certification in 7 stepsGet iso 27000 certification in 7 steps
Get iso 27000 certification in 7 steps
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
 
Why ISO27001 For My Organisation
Why ISO27001 For My OrganisationWhy ISO27001 For My Organisation
Why ISO27001 For My Organisation
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness Training
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001
 
ISO 27001 - three years of lessons learned
ISO 27001 - three years of lessons learnedISO 27001 - three years of lessons learned
ISO 27001 - three years of lessons learned
 
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardQuick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
 
Security domains
Security domainsSecurity domains
Security domains
 
How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...
 
Mr. ahmed obaid the ceo guide to implement iso 27001
Mr. ahmed obaid the ceo guide to implement iso 27001Mr. ahmed obaid the ceo guide to implement iso 27001
Mr. ahmed obaid the ceo guide to implement iso 27001
 
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...
 
Friday Forum ISO 27001: 2013
Friday Forum ISO 27001: 2013Friday Forum ISO 27001: 2013
Friday Forum ISO 27001: 2013
 

Viewers also liked

Information security-management-system
Information security-management-systemInformation security-management-system
Information security-management-systemintellisenseit
 
Information systems 365 lecture four - Security Policy Development, Data Clas...
Information systems 365 lecture four - Security Policy Development, Data Clas...Information systems 365 lecture four - Security Policy Development, Data Clas...
Information systems 365 lecture four - Security Policy Development, Data Clas...Nicholas Davis
 
Information security management system
Information security management systemInformation security management system
Information security management systemArani Srinivasan
 
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)Biswajit Bhattacharjee
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005ControlCase
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 pptvasanthimuniasamy
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 

Viewers also liked (7)

Information security-management-system
Information security-management-systemInformation security-management-system
Information security-management-system
 
Information systems 365 lecture four - Security Policy Development, Data Clas...
Information systems 365 lecture four - Security Policy Development, Data Clas...Information systems 365 lecture four - Security Policy Development, Data Clas...
Information systems 365 lecture four - Security Policy Development, Data Clas...
 
Information security management system
Information security management systemInformation security management system
Information security management system
 
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 ppt
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 

Similar to Manage your Information Security Management System (ISMS) with Odoo

Ants and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul RainAnts and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul RainPriyanka Aash
 
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?PECB
 
20CS024 Ethics in Information Technology
20CS024 Ethics in Information Technology20CS024 Ethics in Information Technology
20CS024 Ethics in Information TechnologyKathirvel Ayyaswamy
 
PECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Sylvain Martinez
 
ET4045-Information Security Management System-2018
ET4045-Information Security Management System-2018ET4045-Information Security Management System-2018
ET4045-Information Security Management System-2018Wervyan Shalannanda
 
english_bok_ismp_202306.pptx
english_bok_ismp_202306.pptxenglish_bok_ismp_202306.pptx
english_bok_ismp_202306.pptxssuser00d6eb
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
Chapter 10 security standart
Chapter 10 security standartChapter 10 security standart
Chapter 10 security standartnewbie2019
 
Welingkar Presentation On Cobit And Iso 1799 And Bs 7799
Welingkar Presentation On Cobit And Iso 1799 And Bs 7799Welingkar Presentation On Cobit And Iso 1799 And Bs 7799
Welingkar Presentation On Cobit And Iso 1799 And Bs 7799Abhinav Goyal
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)samsontamwaiho
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NA Putra
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA
 
Certified Information Systems Security Professional
Certified Information Systems Security ProfessionalCertified Information Systems Security Professional
Certified Information Systems Security ProfessionalHelen Njuguna
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Frameworkbarnetdh
 
It audit methodologies
It audit methodologiesIt audit methodologies
It audit methodologiesSalih Islam
 

Similar to Manage your Information Security Management System (ISMS) with Odoo (20)

Ants and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul RainAnts and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul Rain
 
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
 
20CS024 Ethics in Information Technology
20CS024 Ethics in Information Technology20CS024 Ethics in Information Technology
20CS024 Ethics in Information Technology
 
PECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service Management
 
Cybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdfCybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdf
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
 
ET4045-Information Security Management System-2018
ET4045-Information Security Management System-2018ET4045-Information Security Management System-2018
ET4045-Information Security Management System-2018
 
Info.ppt
Info.pptInfo.ppt
Info.ppt
 
english_bok_ismp_202306.pptx
english_bok_ismp_202306.pptxenglish_bok_ismp_202306.pptx
english_bok_ismp_202306.pptx
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
 
Chapter 10 security standart
Chapter 10 security standartChapter 10 security standart
Chapter 10 security standart
 
Welingkar Presentation On Cobit And Iso 1799 And Bs 7799
Welingkar Presentation On Cobit And Iso 1799 And Bs 7799Welingkar Presentation On Cobit And Iso 1799 And Bs 7799
Welingkar Presentation On Cobit And Iso 1799 And Bs 7799
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001
 
Certified Information Systems Security Professional
Certified Information Systems Security ProfessionalCertified Information Systems Security Professional
Certified Information Systems Security Professional
 
Compliance Framework
Compliance FrameworkCompliance Framework
Compliance Framework
 
IT Audit Methodologies
IT Audit MethodologiesIT Audit Methodologies
IT Audit Methodologies
 
It audit methodologies
It audit methodologiesIt audit methodologies
It audit methodologies
 
ISO 27001
ISO 27001ISO 27001
ISO 27001
 

More from Maxime Chambreuil

Realiza tu primera contribucion a la OCA
Realiza tu primera contribucion a la OCARealiza tu primera contribucion a la OCA
Realiza tu primera contribucion a la OCAMaxime Chambreuil
 
Meetup Odoo Monterrey - 23 de febrero 2023
Meetup Odoo Monterrey - 23 de febrero 2023Meetup Odoo Monterrey - 23 de febrero 2023
Meetup Odoo Monterrey - 23 de febrero 2023Maxime Chambreuil
 
Meetup Odoo Querétaro - 16 de febrero 2023
Meetup Odoo Querétaro - 16 de febrero 2023Meetup Odoo Querétaro - 16 de febrero 2023
Meetup Odoo Querétaro - 16 de febrero 2023Maxime Chambreuil
 
Meetup Odoo Querétaro - 1/9/2022
Meetup Odoo Querétaro - 1/9/2022Meetup Odoo Querétaro - 1/9/2022
Meetup Odoo Querétaro - 1/9/2022Maxime Chambreuil
 
Localizations and electronic tax documents
Localizations and electronic tax documentsLocalizations and electronic tax documents
Localizations and electronic tax documentsMaxime Chambreuil
 
Hacer negocio y contribuir en aplicaciones open source, el caso de odoo
Hacer negocio y contribuir en aplicaciones open source, el caso de odooHacer negocio y contribuir en aplicaciones open source, el caso de odoo
Hacer negocio y contribuir en aplicaciones open source, el caso de odooMaxime Chambreuil
 
Odoo Querétaro #20 como contribuir a la oca
Odoo Querétaro #20 como contribuir a la ocaOdoo Querétaro #20 como contribuir a la oca
Odoo Querétaro #20 como contribuir a la ocaMaxime Chambreuil
 
20190612 - Odoo Querétaro #19
20190612 - Odoo Querétaro #1920190612 - Odoo Querétaro #19
20190612 - Odoo Querétaro #19Maxime Chambreuil
 
Deep traceability of materials, labor and resources
Deep traceability of materials, labor and resourcesDeep traceability of materials, labor and resources
Deep traceability of materials, labor and resourcesMaxime Chambreuil
 
20181121 - Odoo Querétaro #18: Presentacion de la version 12
20181121 - Odoo Querétaro #18: Presentacion de la version 1220181121 - Odoo Querétaro #18: Presentacion de la version 12
20181121 - Odoo Querétaro #18: Presentacion de la version 12Maxime Chambreuil
 
OCA: Experiencia, Gestión, Funcionamiento
OCA: Experiencia, Gestión, FuncionamientoOCA: Experiencia, Gestión, Funcionamiento
OCA: Experiencia, Gestión, FuncionamientoMaxime Chambreuil
 
La experiencia de la comunidad internacional de Odoo
La experiencia de la comunidad internacional de OdooLa experiencia de la comunidad internacional de Odoo
La experiencia de la comunidad internacional de OdooMaxime Chambreuil
 
The sexy side of Return Merchandise Authorization
The sexy side of Return Merchandise AuthorizationThe sexy side of Return Merchandise Authorization
The sexy side of Return Merchandise AuthorizationMaxime Chambreuil
 
Presentación de Odoo en el Canaco de Querétaro
Presentación de Odoo en el Canaco de QuerétaroPresentación de Odoo en el Canaco de Querétaro
Presentación de Odoo en el Canaco de QuerétaroMaxime Chambreuil
 
Odoo para las empresas de servicios
Odoo para las empresas de serviciosOdoo para las empresas de servicios
Odoo para las empresas de serviciosMaxime Chambreuil
 
Punto de venta de Odoo para tiendas, bares y restaurantes
Punto de venta de Odoo para tiendas, bares y restaurantesPunto de venta de Odoo para tiendas, bares y restaurantes
Punto de venta de Odoo para tiendas, bares y restaurantesMaxime Chambreuil
 

More from Maxime Chambreuil (20)

Realiza tu primera contribucion a la OCA
Realiza tu primera contribucion a la OCARealiza tu primera contribucion a la OCA
Realiza tu primera contribucion a la OCA
 
Meetup Odoo Monterrey - 23 de febrero 2023
Meetup Odoo Monterrey - 23 de febrero 2023Meetup Odoo Monterrey - 23 de febrero 2023
Meetup Odoo Monterrey - 23 de febrero 2023
 
Meetup Odoo Querétaro - 16 de febrero 2023
Meetup Odoo Querétaro - 16 de febrero 2023Meetup Odoo Querétaro - 16 de febrero 2023
Meetup Odoo Querétaro - 16 de febrero 2023
 
Meetup Odoo Querétaro - 1/9/2022
Meetup Odoo Querétaro - 1/9/2022Meetup Odoo Querétaro - 1/9/2022
Meetup Odoo Querétaro - 1/9/2022
 
Localizations and electronic tax documents
Localizations and electronic tax documentsLocalizations and electronic tax documents
Localizations and electronic tax documents
 
Hacer negocio y contribuir en aplicaciones open source, el caso de odoo
Hacer negocio y contribuir en aplicaciones open source, el caso de odooHacer negocio y contribuir en aplicaciones open source, el caso de odoo
Hacer negocio y contribuir en aplicaciones open source, el caso de odoo
 
Odoo Querétaro #20 como contribuir a la oca
Odoo Querétaro #20 como contribuir a la ocaOdoo Querétaro #20 como contribuir a la oca
Odoo Querétaro #20 como contribuir a la oca
 
20190619 - Odoo Monterrey
20190619 - Odoo Monterrey20190619 - Odoo Monterrey
20190619 - Odoo Monterrey
 
20190612 - Odoo Querétaro #19
20190612 - Odoo Querétaro #1920190612 - Odoo Querétaro #19
20190612 - Odoo Querétaro #19
 
Deep traceability of materials, labor and resources
Deep traceability of materials, labor and resourcesDeep traceability of materials, labor and resources
Deep traceability of materials, labor and resources
 
20181121 - Odoo Querétaro #18: Presentacion de la version 12
20181121 - Odoo Querétaro #18: Presentacion de la version 1220181121 - Odoo Querétaro #18: Presentacion de la version 12
20181121 - Odoo Querétaro #18: Presentacion de la version 12
 
OCA: Experiencia, Gestión, Funcionamiento
OCA: Experiencia, Gestión, FuncionamientoOCA: Experiencia, Gestión, Funcionamiento
OCA: Experiencia, Gestión, Funcionamiento
 
La experiencia de la comunidad internacional de Odoo
La experiencia de la comunidad internacional de OdooLa experiencia de la comunidad internacional de Odoo
La experiencia de la comunidad internacional de Odoo
 
Odoo Querétaro #16
Odoo Querétaro #16Odoo Querétaro #16
Odoo Querétaro #16
 
Odoo Querétaro #14
Odoo Querétaro #14Odoo Querétaro #14
Odoo Querétaro #14
 
Python Querétaro #1
Python Querétaro #1Python Querétaro #1
Python Querétaro #1
 
The sexy side of Return Merchandise Authorization
The sexy side of Return Merchandise AuthorizationThe sexy side of Return Merchandise Authorization
The sexy side of Return Merchandise Authorization
 
Presentación de Odoo en el Canaco de Querétaro
Presentación de Odoo en el Canaco de QuerétaroPresentación de Odoo en el Canaco de Querétaro
Presentación de Odoo en el Canaco de Querétaro
 
Odoo para las empresas de servicios
Odoo para las empresas de serviciosOdoo para las empresas de servicios
Odoo para las empresas de servicios
 
Punto de venta de Odoo para tiendas, bares y restaurantes
Punto de venta de Odoo para tiendas, bares y restaurantesPunto de venta de Odoo para tiendas, bares y restaurantes
Punto de venta de Odoo para tiendas, bares y restaurantes
 

Recently uploaded

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Manage your Information Security Management System (ISMS) with Odoo

  • 1. Manage your ISO27001-certified ISMS with Odoo By Maxime Chambreuil
  • 2. Speaker Odoo Practice Leader & Quality, Environment and Security Director at Savoir-faire Linux, Odoo Gold Partner in Canada Vice-President of the Odoo Community Association
  • 4. Savoir-faire Linux | Maxime Chambreuil 4 Background › Context @ Savoir-faire Linux • New markets: Military, aerospace and aeronautics • New projects: new product design and development • Couple security issues › Requirement for an information security management system (ISMS) › Information security analysis performed using EBIOS methodology › Management systems supported by Odoo (v7) and certified • Quality (ISO 9001) • Environment (ISO 14001)
  • 5. | Maxime Chambreuil › Stands for « Expression des Besoins et Identification des Objectifs de Sécurité ». Expression of Needs and Identification of Security Objectives › Method for analysis, evaluation and action on risks relating to information systems › Created in 1995 and maintained by the French Ministry of Defense › Defines 5 steps EBIOS Context Study Feared Security Events Risk Analysis Threat Scenarios Security Controls
  • 6. | Maxime Chambreuil Terms and definitions › Primary Asset: Important and valuable information • List of credit card numbers › Supporting Asset: Resource supporting the primary assets • Server hosting the database › Threat Source: the threat agent, i.e. thing or person at the origin of the threat • A hacker › Controls: Means to manage a security risk • Maintain and update the backup server › Vector: Scenario describing operations • A hacker exploits a vulnerability to connect to the backup server and takes a copy of the database › Feared Event: i.e. potential exposure, a generic scenario representing a feared situation • The hacker gets the list of credit card numbers and publish it
  • 7. Savoir-faire Linux | 7 Thanks to the OCA Sponsors http://www.odoo-community.org
  • 8. Savoir-faire Linux | 8 +1 (514) 276-5468 contact@savoirfairelinux.com http://www.savoirfairelinux.com