Mr. Ahmed Obaid: The CEO Guide to Implement ISO 27001

Published in: Technology, Business
  • Information to flow seamlessly from one part of the organization to another. Information entered by: a data entry; data stored by information systems, ...; data processed by software and hardware systems; information transferred by clients.
  • Confidentiality: ensuring that information is available to the persons authorized to obtain it. Integrity: documenting the accuracy and completeness of information and the methods of use. Availability: ensuring that authorized users of information have access to the information and supporting assets when they need them.
  • A service is the output of (1) processes that are carried out by (2) people and supported by (3) technology.
  • Intangible assets are nonphysical resources and rights that have a value to the firm because they give the firm some kind of advantage in the market place. Examples of intangible assets are goodwill, copyrights, trademarks, patents and computer programs
  • It may seem obvious, but it is not taken seriously enough. Lack of top management support is one of the main reasons certification projects fail. The essence of a certification project is changing the culture and the way employees deal with information technology. Assigning a team without giving it authority, enough staff, or an adequate budget will leave the team facing a hard time trying to change many working practices.

    1. ISO 27001: The CEO Guide to implement ISO 27001
    2. ISO 27001 ISO 27002 ISO 27001 ISO 27001 ISO 9001
    3. Information can be: Stolen, Entered, Created, Lost, Stored, Processed, Destroyed, Corrupted
    4. Information Assets
    5. Information
    6. What is Information? “Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected.” Ref: ISO/IEC 17799:2005
    7. Criteria of Information Security: Confidentiality, Availability, Integrity
    8. People, Processes, Technology
    9. Processes, Technology, People
    10. Information Security Management System. Tangible assets, intangible assets. Confidentiality, Integrity, Availability. People, Processes, Technology. Plan | Do | Check | Act. ISO 27002, Code of Practice for Information Security Management; ISO 27001, Information Security Management Systems – Requirement. These standards are accepted as industry best practices.
    11. ISO 27001
    12. ISO 27001
    13. ISO 27001 Statement of applicability
    14. ISO 27001 Statement of applicability
    15. Military: Top Secret, Secret, Confidential, Sensitive, Unclassified. Commercial: Confidential, Private, Sensitive, Public.
    16. ISO 27001 Statement of applicability
    17. ISO 27001
    18. ISO 27002 ISO 27001 ISO 27002 ISO 27001 Control ISO 27001
    19. Technical Proposal: Implementation Methodology, Training Process, Project Documents
    20. ISO 27001
    21. ISO 27001
    22. ISO 27001
    23. ISO 9001 ISO 27001
    24. Conclusion ISO 27001
    25. Questions & Answers
    26. References:
        • IT Governance: A Manager's Guide to Data Security and ISO 27001/ISO 27002, 4th edition, Alan Calder & Steve Watkins.
        • Effectively Managing Information Security Risk: A Guide for Executives, Citadel Information Group, Inc., January 2007.
        • http://iso27001standard.com