This ppt talks about ISMS framework's management clause 8 that is operations. It deal with implementation of ISMS framework clause 6 that is planning.
For more details, visit our website:-
http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
http://www.ifour-consultancy.com/microsoft-technology.aspx
2. 8.1 Operational Planning and Control
Implement the actions determined in 6.1 clause
Achieve information security objectives determined in 6.2 clause
Keep information documented to have confidence
Review consequences of unintended changes to mitigate adverse effects
ASP.NET software companies India
3. 8.1 Operational Planning and Control continued…
ASP.NET software companies India
http://www.cambridge-risk.com/wp-content/uploads/2014/08/Business-Continuity-
Management-diagram1.png
4. 8.1 Operational Planning and Control continued…
Benefits
Develop plans and activities to perfect and synchronize the activities and
communications
Systematic and measurable operational processes with means of objective
evaluations
A well balanced, thoughtful team that now has ease of communication and
purposeful guidance
5. 8.2 Information Security Risk Assessment
information security risk assessment at planned intervals
Planned interval could be taken from criteria established in clause 6.1.2 a
Retain documented information of the results
ASP.NET software companies India
6. 8.2 Information Security Risk Assessment Continued…
ASP.NET software companies India
http://www.mass.gov/anf/images/itd/risk-assessment-chart.jpg
7. 8.2 Information Security Risk Assessment Continued…
Why
Investment justification
Clear communication
Risk awareness
Physical and logical considerations
Qualitative v/s Quantitative approach
ASP.NET software companies India
8. Implement information security risk treatment plan
Retain documented information of the results of information security risk
treatment
8.3 Information Security Risk Treatment
ASP.NET software companies India
9. 8.3 Information Security Risk Treatment continued…
ASP.NET software companies India
http://image.slidesharecdn.com/hipaariskanalysis1-150420004244-conversion-
gate01/95/hipaa-risk-analysis14-26-638.jpg?cb=1429490749
10. Move from theory to practice
Who is going to implement each control
considerable time and effort (and money) to implement all the controls
ISO 27001 forces you to make this journey in a systematic way.
8.3 Information Security Risk Treatment continued…
ASP.NET software companies India
11. ISO 27001 forces you to make this journey in a systematic way.
Conclusion
12. References
ASP.NET software companies India
http://www.emrisk.com/knowledge-center/newsletters/assessing-information-security-
risk
http://www.vbpm.org/wp-content/uploads/2012/04/Ops-Plan-Control-WW-Synopsis-
20120213-Q2.pdf
13. Visit our website for more details…
http://www.ifour-consultancy.com/
iFour Consultancy Services
ASP.NET software companies India
Editor's Notes
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
ASP.NET software companies India – http://www.ifour-consultancy.com
http://www.ifourtechnolab.com