Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
iFour Consultancy 
Security awareness seminar 
An introduction to ISO27k 
Part - 1
Agenda 
 Information 
 Information Types 
 Information Lifecycle 
 What is information security? 
 Security elements ...
Information 
 Information is an asset which, like other important business assets, has value 
to an organization and cons...
Information Types 
Information exists in many forms: 
 Printed or written on paper 
 Stored electronically 
 Transmitte...
Information Lifecycle 
Information Can be: 
 Created 
 Owned (it is an asset) 
 Stored 
 Processed 
 Transmitted/comm...
What is information security? 
 Information security is what keeps valuable information ‘free of danger’ (protected, safe...
Security elements 
http://www.ifour-consultancy.com Software outsourcing company in India
People 
People who use or have an interest in our information security include: 
 Shareholders / owners 
 Management & s...
Processes 
 Processes are work practices or workflows, the steps or activities needed 
to accomplish business objectives ...
Technology 
 Cabling, data/voice networks and equipment 
 Telecommunications services (PABX, VoIP, ISDN, videoconferenci...
Information security is valuable because it 
 Protects information against various threats 
 Ensures business continuity...
Information security is defined as the preservation of: 
Confidentiality 
Making information accessible 
only to those aut...
http://www.ifour-consultancy.com Software outsourcing company in India
Upcoming SlideShare
Loading in …5
×
Upcoming SlideShare
ISO 27001 - Information security user awareness training presentation - part 3
Next
Download to read offline and view in fullscreen.

8

Share

Download to read offline

ISO 27001 - information security user awareness training presentation - Part 1

Download to read offline

This is a presentation on information security and its importance. It talks about ISO 27001 in later part.

http://www.ifour-consultancy.com - software outsourcing company in india

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

ISO 27001 - information security user awareness training presentation - Part 1

  1. 1. iFour Consultancy Security awareness seminar An introduction to ISO27k Part - 1
  2. 2. Agenda  Information  Information Types  Information Lifecycle  What is information security?  Security elements  People  Processes  Technology  Information security is valuable because it  Information security definition http://www.ifour-consultancy.com Software outsourcing company in India
  3. 3. Information  Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected http://www.ifour-consultancy.com Software outsourcing company in India
  4. 4. Information Types Information exists in many forms:  Printed or written on paper  Stored electronically  Transmitted by post or electronic means  Visual e.g. videos, diagrams  Published on the Web  Verbal/oral e.g. conversations, phone calls  Intangible e.g. knowledge, experience, expertise, ideas http://www.ifour-consultancy.com Software outsourcing company in India
  5. 5. Information Lifecycle Information Can be:  Created  Owned (it is an asset)  Stored  Processed  Transmitted/communicated  Used (for proper or improper purposes)  Modified or corrupted  Shared or disclosed (whether appropriately or not)  Destroyed or lost  Stolen  Controlled, secured and protected throughout its existence http://www.ifour-consultancy.com Software outsourcing company in India
  6. 6. What is information security?  Information security is what keeps valuable information ‘free of danger’ (protected, safe from harm)  It is not something you buy, it is something you do  It’s a process not a product  It is achieved using a combination of suitable strategies and approaches:  Determining the risks to information and treating them accordingly (proactive risk management)  Protecting CIA (Confidentiality, Integrity and Availability)  Avoiding, preventing, detecting and recovering from incidents  Securing people, processes and technology … not just IT! http://www.ifour-consultancy.com Software outsourcing company in India
  7. 7. Security elements http://www.ifour-consultancy.com Software outsourcing company in India
  8. 8. People People who use or have an interest in our information security include:  Shareholders / owners  Management & staff  Customers / clients, suppliers & business partners  Service providers, contractors, consultants & advisors  Authorities, regulators & judges Our biggest threats arise from people (social engineers, unethical competitors, hackers, fraudsters, careless workers, bugs, flaws …), yet our biggest asset is our people (e.g. security-aware employees who spot trouble early) http://www.ifour-consultancy.com Software outsourcing company in India
  9. 9. Processes  Processes are work practices or workflows, the steps or activities needed to accomplish business objectives  Processes are described in procedures.  Virtually all business processes involve and/or depend on information making information a critical business asset.  Information security policies and procedures define how we secure information appropriately and repeatedly. http://www.ifour-consultancy.com Software outsourcing company in India
  10. 10. Technology  Cabling, data/voice networks and equipment  Telecommunications services (PABX, VoIP, ISDN, videoconferencing)  Phones, cellphones, PDAs  Computer servers, desktops and associated data storage devices (disks, tapes)  Operating system and application software  Paperwork, files  Pens, ink  Security technologies  Locks, barriers, card-access systems, CCTV http://www.ifour-consultancy.com Software outsourcing company in India
  11. 11. Information security is valuable because it  Protects information against various threats  Ensures business continuity  Minimizes financial losses and other impacts  Optimizes return on investments  Creates opportunities to do business safely  Maintains privacy and compliance We all depend on information security http://www.ifour-consultancy.com Software outsourcing company in India
  12. 12. Information security is defined as the preservation of: Confidentiality Making information accessible only to those authorized to use it Integrity Safeguarding the accuracy and completeness of information and processing methods Availability Ensuring that information is available when required http://www.ifour-consultancy.com Software outsourcing company in India
  13. 13. http://www.ifour-consultancy.com Software outsourcing company in India
  • jhonnywhite1

    May. 21, 2020
  • HassanAsseriBPMITIL

    Jan. 23, 2017
  • masumbillah22

    Nov. 25, 2016
  • 3563

    May. 28, 2016
  • VuongNguyen45

    May. 13, 2016
  • kalvinder

    Jul. 23, 2015
  • alexandrempinto

    Jun. 28, 2015
  • setahir

    Mar. 10, 2015

This is a presentation on information security and its importance. It talks about ISO 27001 in later part. http://www.ifour-consultancy.com - software outsourcing company in india

Views

Total views

7,217

On Slideshare

0

From embeds

0

Number of embeds

35

Actions

Downloads

1,103

Shares

0

Comments

0

Likes

8

×