Challenges and Benefits of Information Security Management
Published in: Technology

  1. Information Security
  3. 27001 Certified Lead Auditor; Audit; Essential Aspects of BS ISO/IEC 17799 and 27001; Implementation of BS ISO/IEC 27001; Internal Audits to BS ISO/IEC 27001; Lead Auditor BS ISO/IEC 27001 (IRCA); Training; Consultancy
  7. [Diagram: BS ISO/IEC 17799 * 27001, with the Business at the centre.] Threats: Natural Disasters (Flood, Lightning, Earthquake, ...); Technical Failures (Communication, Lack of energy, Equipment break-down, ...); Human Failure (Maintenance errors, User errors, Lack of staff, ...); Social Problems (Strikes, Terrorism Attack, politics, legislation, ...). Information types: Acoustic Information (Telephone conversations, in public, in meetings, ...); Logical Information (electronic records); Physical Information (Faxes, contracts, reports, manuals, ...); Visual Information (Video, photos, environment, ...); Intellectual Information (Knowledge).
  8. A5 Security policy; A6 Organization of Information Security; A7 Asset management; A8 HR security; A9 Physical and Environmental security; A10 Communications and operations management; A11 Access control; A12 Information Systems Acquisition, development and maintenance; A13 Incident Management; A14 Business continuity management; A15 Compliance
  10. [Diagram: risk management process.] Establish the Context; Assess Risks (Identify the Risks, Analyse the Risks, Evaluate the Risks); Control the Risks. Alongside every step: Communicate and Consult; Monitor and Review.
  11. [Diagram.] Risk Assessment: Asset Identification and Valuation; Identification of Vulnerabilities; Identification of Threats; Evaluation of Impacts; Business Risk; Rating/ranking of Risks. Risk Management: Review of Existing Security Controls; Identification of new Security Controls; Policy and Procedures; Implementation and Risk Reduction; Risk Acceptance (Residual Risk).
  32. Creative Commons Attribution-NoDerivs 2.0. You are free: to copy, distribute, display, and perform this work; to make commercial use of this work. Under the following conditions: Attribution. You must give the original author credit. No Derivative Works. You may not alter, transform, or build upon this work. For any reuse or distribution, you must make clear to others the license terms of this work. Any of these conditions can be waived if you get permission from the author. Your fair use and other rights are in no way affected by the above. This work is licensed under the Creative Commons Attribution-NoDerivs License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nd/2.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.