SlideShare a Scribd company logo

Why ISO27001 For My Organisation

Vigilant Software
Vigilant Software

, hosted by Alan Calder CEO and founder of Vigilant Software and acknowledged information security risk assessment and management thought leader, explains and discusses what is information security? What is an information security management system (ISMS)? What is ISO 27001? Why should I and my organisation care about ISO 27001?

1 of 20
Download to read offline
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Alan Calder CEO, Vigilant Software Thursday May 9th PLEASE NOTE THAT ALL DELEGATES IN THE TELECONFERENCE ARE MUTED ON JOINING. Q&A IS HANDLED THROUGH A COMBINATION OF WEBEX CHAT/TEXT AND VOICE Why ISO 27001 for my Organisation?
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Alan Calder • CEO and founder of Vigilant Software. • Acknowledged information security/risk management thought leader. • Managed the world’s first successful ISO 27001 (then BS7799) implementation project in 1996. • Frequent media commentator on risk management issues. • Co-author of vsRisk™ – the definitive cyber security risk assessment tool.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Today’s Webinar in Context • Today’s webinar is #1 in a series of 4 educational webinars. • The 4 webinars are designed to take you on a learning journey: • Webinar 1 (Today) - Why ISO 27001 for my Organisation? • Webinar 2 – The Importance of risk management. • Webinar 3 – Carrying out a risk assessment using vsRisk. • Webinar 4 – Maintaining/updating your risk assessment using vsRisk. • Registration details of these webinars at the end.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Today’s Agenda • A short 20-30 minutes educational and informative talk on: • What is information security? • What is an information security management system (ISMS)? • What is ISO 27001? • The drivers for ISO 27001. • Why should my organisation care about ISO 27001? • Accredited Certification. • The central role of risk assessment in ISO 27001. • Ample time for Q&A. • Next steps.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is information security? ‘Preservation of confidentiality, integrity and availability of information; in addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved’. ISO/IEC 27001:2005
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is an ISMS? Information Security Management System (ISMS): Systematic approach to managing confidential or sensitive corporate information so that it remains secure.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is ISO 27001? • An ISMS standard that replaced BS77799-2:2002 in late 2005. • The world’s only cyber security standard. • Formally specifies an ISMS that is intended to bring information security under explicit management control. • Best practice specification that helps businesses and organisations throughout the world develop a best-in-class ISMS. • Adopts the Plan-Do-Check-Act (PDCA) model.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Plan-Do-Check-Act
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Drivers for ISO 27001 • Clients need confidence in their supply chain. • Breaches of Personal Data can bring fines up to £500k by the Information Commissioner. • Data Handling Review 2008 – better information security in Govt and down the food chain. • Improved reputational protection. • Balance expenditure to the information security risk.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 1 - Compliance ISO 27001 can bring in the methodology that enables organisations to comply in the most efficient way. Certification is often the quickest ‘return on investment’ – if an organisation must comply to various regulations regarding data protection, privacy and IT governance (particularly if it is a financial, health or government organisation).
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 2 - Marketing edge In a market which is more and more competitive, it is sometimes very difficult to find something that will differentiate you in the eyes of your customers. ISO 27001 could be indeed a unique selling point, especially if you handle clients’ sensitive information.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 3 - Lowering the expenses Information security is usually considered as a cost with no obvious financial gain. However, there is financial gain if you lower your expenses caused by incidents. You probably do have interruption in service, or occasional data leakage, or disgruntled employees. Or disgruntled former employees.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 4 - Putting your business in order ISO 27001 is particularly good in sorting out those thorny management system issues – it forces you to define very precisely both the responsibilities and duties, and therefore strengthen your internal organisation.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Accredited Certification •Provides evidence of Information Security Management System assurance. •Verified by independent auditor. •In UK authority is UKAS Accredited Certification scheme: World wide recognition. •National certification body – member of International Accreditation Forum.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 The central role of risk assessment in ISO 27001 ISO 27001:2005 conformance requires implementation and documentation of an Information Security Management System (ISMS) implementing controls selected in accordance with 4.2..1.g, (control objectives in Annex A)
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 The central role of risk assessment in ISO 27001 •Structured ISMS gives: • Best practice. • Marketing opportunities. • Compliance to Corporate Governance requirements. • Appropriate action to comply with law. • Systematic approach to risks. • Credibility with staff, customers and partner organisations. • Informed decisions on security investments.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Next Steps – Upcoming Educational Webinars • Webinar 2 - The Importance of Risk Management - Thursday May 16th, 4pm UK Time (Next week). • Webinar 3 - Carrying out a Risk Assessment using vsRisk - Thursday May 23rd, 4pm UK Time. • Webinar 4 - Maintaining and Updating your Risk Assessment using vsRisk - Thursday May 30th, 4pm UK Time. Includes announcement of special offer for vsRisk for webinar registrants. Registration details at http://www.vigilantsoftware.co.uk/webinars.aspx
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Before the next webinars… Read a book… Read the world's first practical e-book guidance on achieving ISO 27001 certification and the nine essential steps to an effective ISMS implementation. Available for £25.95 (usually £29.95) http://www.vigilantsoftware.co.uk/pr oduct/1651.aspx Download a free trial of vsRisk The cyber security risk assessment tool compliant to ISO 27001 that automates and accelerates the risk management process. 15-day free trial at http://www.vigilantsoftware.co.uk
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Next Steps – Want to know more? If you would like to know more about ISO 27001, including how to carry out an ISO 27001-compliant risk assessment, please visit http://www.vigilantsoftware.co.uk/ or email servicecentre@vigilantsoftware.co.uk.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Questions – we welcome them all! Please type your questions into the gotowebinar chat window – responses will generally be verbal and shared with all delegates.

Recommended

Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001
Imran Ahmed
 
ISO 27001 Benefits
ISO 27001 BenefitsISO 27001 Benefits
ISO 27001 Benefits
Dejan Kosutic
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness Training
Dr Madhu Aman Sharma
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptx
Dr Madhu Aman Sharma
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentation
Midhun Nirmal
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Iso 27001 awareness
Iso 27001 awarenessIso 27001 awareness
Iso 27001 awareness
Ãsħâr Ãâlâm
 
ISO 27001
ISO 27001ISO 27001
ISO 27001
n|u - The Open Security Community
 

Recommended

Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001
Imran Ahmed
 
ISO 27001 Benefits
ISO 27001 BenefitsISO 27001 Benefits
ISO 27001 Benefits
Dejan Kosutic
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness Training
Dr Madhu Aman Sharma
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptx
Dr Madhu Aman Sharma
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentation
Midhun Nirmal
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Iso 27001 awareness
Iso 27001 awarenessIso 27001 awareness
Iso 27001 awareness
Ãsħâr Ãâlâm
 
ISO 27001
ISO 27001ISO 27001
ISO 27001
n|u - The Open Security Community
 
2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf
ControlCase
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
Shankar Subramaniyan
 
isms-presentation.ppt
isms-presentation.pptisms-presentation.ppt
isms-presentation.ppt
HasnolAhmad2
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3
Tanmay Shinde
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
Business Beam
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013
scttmcvy
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
Craig Willetts ISO Expert
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interprom
Mart Rovers
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
PECB
 
ISO 27001_2022 What has changed 2.0 for ISACA.pdf
ISO 27001_2022 What has changed 2.0 for ISACA.pdfISO 27001_2022 What has changed 2.0 for ISACA.pdf
ISO 27001_2022 What has changed 2.0 for ISACA.pdf
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and Challenges
Certification Europe
 
Project plan for ISO 27001
Project plan for ISO 27001Project plan for ISO 27001
Project plan for ISO 27001
technakama
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementation
Ralf Braga
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
Operational Excellence Consulting
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
Tanmay Shinde
 
All you wanted to know about iso 27000
All you wanted to know about iso 27000All you wanted to know about iso 27000
All you wanted to know about iso 27000
Ramana K V
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overview
Naresh Rao
 
ISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness TrainingISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness Training
himalya sharma
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part I
khushboo
 
Iso27001 The Road To Certification
Iso27001 The Road To CertificationIso27001 The Road To Certification
Iso27001 The Road To Certificationtschraider
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureUppala Anand
 

More Related Content

What's hot

2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf
ControlCase
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
Shankar Subramaniyan
 
isms-presentation.ppt
isms-presentation.pptisms-presentation.ppt
isms-presentation.ppt
HasnolAhmad2
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3
Tanmay Shinde
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
Business Beam
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013
scttmcvy
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
Craig Willetts ISO Expert
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interprom
Mart Rovers
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
PECB
 
ISO 27001_2022 What has changed 2.0 for ISACA.pdf
ISO 27001_2022 What has changed 2.0 for ISACA.pdfISO 27001_2022 What has changed 2.0 for ISACA.pdf
ISO 27001_2022 What has changed 2.0 for ISACA.pdf
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and Challenges
Certification Europe
 
Project plan for ISO 27001
Project plan for ISO 27001Project plan for ISO 27001
Project plan for ISO 27001
technakama
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementation
Ralf Braga
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
Operational Excellence Consulting
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
Tanmay Shinde
 
All you wanted to know about iso 27000
All you wanted to know about iso 27000All you wanted to know about iso 27000
All you wanted to know about iso 27000
Ramana K V
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overview
Naresh Rao
 
ISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness TrainingISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness Training
himalya sharma
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part I
khushboo
 

What's hot (20)

2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
 
isms-presentation.ppt
isms-presentation.pptisms-presentation.ppt
isms-presentation.ppt
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interprom
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
 
ISO 27001_2022 What has changed 2.0 for ISACA.pdf
ISO 27001_2022 What has changed 2.0 for ISACA.pdfISO 27001_2022 What has changed 2.0 for ISACA.pdf
ISO 27001_2022 What has changed 2.0 for ISACA.pdf
 
ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and Challenges
 
Project plan for ISO 27001
Project plan for ISO 27001Project plan for ISO 27001
Project plan for ISO 27001
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementation
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
 
All you wanted to know about iso 27000
All you wanted to know about iso 27000All you wanted to know about iso 27000
All you wanted to know about iso 27000
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overview
 
ISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness TrainingISO 27001 Training | ISMS Awareness Training
ISO 27001 Training | ISMS Awareness Training
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part I
 

Viewers also liked

Iso27001 The Road To Certification
Iso27001 The Road To CertificationIso27001 The Road To Certification
Iso27001 The Road To Certificationtschraider
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureUppala Anand
 
The importance of information security risk management
The importance of information security risk managementThe importance of information security risk management
The importance of information security risk management
Michael Francis
 
ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças
Fernando Palma
 
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,..."I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
Anup Narayanan
 
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
PECB
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)samsontamwaiho
 
Iso27001 Audit Services
Iso27001 Audit ServicesIso27001 Audit Services
Iso27001 Audit Servicestschraider
 
ISMS implementation challenges-KASYS
ISMS implementation challenges-KASYSISMS implementation challenges-KASYS
ISMS implementation challenges-KASYS
Reza Teynia ISMS, ITSM, MSc
 
Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice? Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice?
Patten John
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overview
xband
 
Information Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaInformation Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaDiscover JKUAT
 
Iso27001 Risk Assessment Approach
Iso27001 Risk Assessment ApproachIso27001 Risk Assessment Approach
Iso27001 Risk Assessment Approachtschraider
 
ISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_ListISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_List
SriramITISConsultant
 
ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
Tanmay Shinde
 
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay versionHazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
Norrazman Zaiha Zainol
 
Using vsRisk to carry out a risk assessment
Using vsRisk to carry out a risk assessmentUsing vsRisk to carry out a risk assessment
Using vsRisk to carry out a risk assessment
Michael Francis
 

Viewers also liked (18)

Iso27001 The Road To Certification
Iso27001 The Road To CertificationIso27001 The Road To Certification
Iso27001 The Road To Certification
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedure
 
The importance of information security risk management
The importance of information security risk managementThe importance of information security risk management
The importance of information security risk management
 
ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças
 
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,..."I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
 
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)
 
Iso27001 Audit Services
Iso27001 Audit ServicesIso27001 Audit Services
Iso27001 Audit Services
 
ISMS implementation challenges-KASYS
ISMS implementation challenges-KASYSISMS implementation challenges-KASYS
ISMS implementation challenges-KASYS
 
Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice? Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice?
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overview
 
Information Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaInformation Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr Wafula
 
Iso27001 Risk Assessment Approach
Iso27001 Risk Assessment ApproachIso27001 Risk Assessment Approach
Iso27001 Risk Assessment Approach
 
ISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_ListISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_List
 
ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
 
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay versionHazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
 
risk assessment
risk assessment risk assessment
risk assessment
 
Using vsRisk to carry out a risk assessment
Using vsRisk to carry out a risk assessmentUsing vsRisk to carry out a risk assessment
Using vsRisk to carry out a risk assessment
 

Similar to Why ISO27001 For My Organisation

Why ISO27001/ISO27005 for my organisation
Why ISO27001/ISO27005 for my organisationWhy ISO27001/ISO27005 for my organisation
Why ISO27001/ISO27005 for my organisation
Michael Francis
 
Maintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskMaintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRisk
Michael Francis
 
The Importance of Risk Management
The Importance of Risk ManagementThe Importance of Risk Management
The Importance of Risk ManagementVigilant Software
 
Maintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskMaintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskVigilant Software
 
vsRisk - features and benefits.ppt
vsRisk - features and benefits.pptvsRisk - features and benefits.ppt
vsRisk - features and benefits.ppt
scribdJobAN
 
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
Tromenz Learning
 
Iso 27001 isms - white paper
Iso 27001 isms - white paperIso 27001 isms - white paper
Iso 27001 isms - white paper
Lakshy Management Consultant Pvt Ltd
 
Iso 27001 isms
Iso 27001 ismsIso 27001 isms
Iso 27001 isms
Lakshy Management Consultant Pvt Ltd
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001
NQA
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001
NA Putra
 
ISO 27001 Consultants in the UAE - Ensuring Robust Information Security
ISO 27001 Consultants in the UAE - Ensuring Robust Information SecurityISO 27001 Consultants in the UAE - Ensuring Robust Information Security
ISO 27001 Consultants in the UAE - Ensuring Robust Information Security
IBEX SYSTEMS
 
iso 27001 certification
iso 27001 certificationiso 27001 certification
iso 27001 certification
denieljulian79
 
Cyber Security and Cloud Security
Cyber Security and Cloud SecurityCyber Security and Cloud Security
Cyber Security and Cloud Security
IT Governance Ltd
 
ISO 27001 Certification What It Is And Why You Need It.pdf
ISO 27001 Certification What It Is And Why You Need It.pdfISO 27001 Certification What It Is And Why You Need It.pdf
ISO 27001 Certification What It Is And Why You Need It.pdf
OFFICE
 
Maximize Data Security with ISO 27001 Certification in Saudi Arabia.pdf
Maximize Data Security with ISO 27001 Certification in Saudi Arabia.pdfMaximize Data Security with ISO 27001 Certification in Saudi Arabia.pdf
Maximize Data Security with ISO 27001 Certification in Saudi Arabia.pdf
Maxicert Mohan
 
Iso 27001 certification in oman
Iso 27001 certification in omanIso 27001 certification in oman
Iso 27001 certification in oman
KumudaFactocert
 
Ants and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul RainAnts and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul Rain
Priyanka Aash
 
Iso 27001 certification in oman
Iso 27001 certification in omanIso 27001 certification in oman
Iso 27001 certification in oman
KumudaFactocert
 
ISO 27001 certification cost in Bangalore.ppt
ISO 27001 certification cost in Bangalore.pptISO 27001 certification cost in Bangalore.ppt
ISO 27001 certification cost in Bangalore.ppt
HardinScott8
 

Similar to Why ISO27001 For My Organisation (20)

Why ISO27001/ISO27005 for my organisation
Why ISO27001/ISO27005 for my organisationWhy ISO27001/ISO27005 for my organisation
Why ISO27001/ISO27005 for my organisation
 
Maintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskMaintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRisk
 
The Importance of Risk Management
The Importance of Risk ManagementThe Importance of Risk Management
The Importance of Risk Management
 
Maintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskMaintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRisk
 
Cyber Security Management
Cyber Security ManagementCyber Security Management
Cyber Security Management
 
vsRisk - features and benefits.ppt
vsRisk - features and benefits.pptvsRisk - features and benefits.ppt
vsRisk - features and benefits.ppt
 
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
 
Iso 27001 isms - white paper
Iso 27001 isms - white paperIso 27001 isms - white paper
Iso 27001 isms - white paper
 
Iso 27001 isms
Iso 27001 ismsIso 27001 isms
Iso 27001 isms
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001
 
ISO 27001 Consultants in the UAE - Ensuring Robust Information Security
ISO 27001 Consultants in the UAE - Ensuring Robust Information SecurityISO 27001 Consultants in the UAE - Ensuring Robust Information Security
ISO 27001 Consultants in the UAE - Ensuring Robust Information Security
 
iso 27001 certification
iso 27001 certificationiso 27001 certification
iso 27001 certification
 
Cyber Security and Cloud Security
Cyber Security and Cloud SecurityCyber Security and Cloud Security
Cyber Security and Cloud Security
 
ISO 27001 Certification What It Is And Why You Need It.pdf
ISO 27001 Certification What It Is And Why You Need It.pdfISO 27001 Certification What It Is And Why You Need It.pdf
ISO 27001 Certification What It Is And Why You Need It.pdf
 
Maximize Data Security with ISO 27001 Certification in Saudi Arabia.pdf
Maximize Data Security with ISO 27001 Certification in Saudi Arabia.pdfMaximize Data Security with ISO 27001 Certification in Saudi Arabia.pdf
Maximize Data Security with ISO 27001 Certification in Saudi Arabia.pdf
 
Iso 27001 certification in oman
Iso 27001 certification in omanIso 27001 certification in oman
Iso 27001 certification in oman
 
Ants and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul RainAnts and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul Rain
 
Iso 27001 certification in oman
Iso 27001 certification in omanIso 27001 certification in oman
Iso 27001 certification in oman
 
ISO 27001 certification cost in Bangalore.ppt
ISO 27001 certification cost in Bangalore.pptISO 27001 certification cost in Bangalore.ppt
ISO 27001 certification cost in Bangalore.ppt
 

Recently uploaded

Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
PaulBryant58
 
Project File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdfProject File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdf
RajPriye
 
Cracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxCracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptx
Workforce Group
 
Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111
zoyaansari11365
 
Enterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdfEnterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdf
KaiNexus
 
Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...
dylandmeas
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
Falcon Invoice Discounting
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
creerey
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
LR1709MUSIC
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
Erika906060
 
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n PrintAffordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Navpack & Print
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
seoforlegalpillers
 
The Parable of the Pipeline a book every new businessman or business student ...
The Parable of the Pipeline a book every new businessman or business student ...The Parable of the Pipeline a book every new businessman or business student ...
The Parable of the Pipeline a book every new businessman or business student ...
awaisafdar
 
5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer
ofm712785
 
Filing Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed GuideFiling Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed Guide
YourLegal Accounting
 
CADAVER AS OUR FIRST TEACHER anatomt in your.pptx
CADAVER AS OUR FIRST TEACHER anatomt in your.pptxCADAVER AS OUR FIRST TEACHER anatomt in your.pptx
CADAVER AS OUR FIRST TEACHER anatomt in your.pptx
fakeloginn69
 
India Orthopedic Devices Market: Unlocking Growth Secrets, Trends and Develop...
India Orthopedic Devices Market: Unlocking Growth Secrets, Trends and Develop...India Orthopedic Devices Market: Unlocking Growth Secrets, Trends and Develop...
India Orthopedic Devices Market: Unlocking Growth Secrets, Trends and Develop...
Kumar Satyam
 
What are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdfWhat are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdf
HumanResourceDimensi1
 
BeMetals Presentation_May_22_2024 .pdf
BeMetals Presentation_May_22_2024 .pdfBeMetals Presentation_May_22_2024 .pdf
BeMetals Presentation_May_22_2024 .pdf
DerekIwanaka1
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
Nicola Wreford-Howard
 

Recently uploaded (20)

Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
 
Project File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdfProject File Report BBA 6th semester.pdf
Project File Report BBA 6th semester.pdf
 
Cracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxCracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptx
 
Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111
 
Enterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdfEnterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdf
 
Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
 
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n PrintAffordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n Print
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
 
The Parable of the Pipeline a book every new businessman or business student ...
The Parable of the Pipeline a book every new businessman or business student ...The Parable of the Pipeline a book every new businessman or business student ...
The Parable of the Pipeline a book every new businessman or business student ...
 
5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer5 Things You Need To Know Before Hiring a Videographer
5 Things You Need To Know Before Hiring a Videographer
 
Filing Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed GuideFiling Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed Guide
 
CADAVER AS OUR FIRST TEACHER anatomt in your.pptx
CADAVER AS OUR FIRST TEACHER anatomt in your.pptxCADAVER AS OUR FIRST TEACHER anatomt in your.pptx
CADAVER AS OUR FIRST TEACHER anatomt in your.pptx
 
India Orthopedic Devices Market: Unlocking Growth Secrets, Trends and Develop...
India Orthopedic Devices Market: Unlocking Growth Secrets, Trends and Develop...India Orthopedic Devices Market: Unlocking Growth Secrets, Trends and Develop...
India Orthopedic Devices Market: Unlocking Growth Secrets, Trends and Develop...
 
What are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdfWhat are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdf
 
BeMetals Presentation_May_22_2024 .pdf
BeMetals Presentation_May_22_2024 .pdfBeMetals Presentation_May_22_2024 .pdf
BeMetals Presentation_May_22_2024 .pdf
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
 

Why ISO27001 For My Organisation

  • 1. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Alan Calder CEO, Vigilant Software Thursday May 9th PLEASE NOTE THAT ALL DELEGATES IN THE TELECONFERENCE ARE MUTED ON JOINING. Q&A IS HANDLED THROUGH A COMBINATION OF WEBEX CHAT/TEXT AND VOICE Why ISO 27001 for my Organisation?
  • 2. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Alan Calder • CEO and founder of Vigilant Software. • Acknowledged information security/risk management thought leader. • Managed the world’s first successful ISO 27001 (then BS7799) implementation project in 1996. • Frequent media commentator on risk management issues. • Co-author of vsRisk™ – the definitive cyber security risk assessment tool.
  • 3. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Today’s Webinar in Context • Today’s webinar is #1 in a series of 4 educational webinars. • The 4 webinars are designed to take you on a learning journey: • Webinar 1 (Today) - Why ISO 27001 for my Organisation? • Webinar 2 – The Importance of risk management. • Webinar 3 – Carrying out a risk assessment using vsRisk. • Webinar 4 – Maintaining/updating your risk assessment using vsRisk. • Registration details of these webinars at the end.
  • 4. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Today’s Agenda • A short 20-30 minutes educational and informative talk on: • What is information security? • What is an information security management system (ISMS)? • What is ISO 27001? • The drivers for ISO 27001. • Why should my organisation care about ISO 27001? • Accredited Certification. • The central role of risk assessment in ISO 27001. • Ample time for Q&A. • Next steps.
  • 5. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is information security? ‘Preservation of confidentiality, integrity and availability of information; in addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved’. ISO/IEC 27001:2005
  • 6. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is an ISMS? Information Security Management System (ISMS): Systematic approach to managing confidential or sensitive corporate information so that it remains secure.
  • 7. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is ISO 27001? • An ISMS standard that replaced BS77799-2:2002 in late 2005. • The world’s only cyber security standard. • Formally specifies an ISMS that is intended to bring information security under explicit management control. • Best practice specification that helps businesses and organisations throughout the world develop a best-in-class ISMS. • Adopts the Plan-Do-Check-Act (PDCA) model.
  • 8. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Plan-Do-Check-Act
  • 9. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Drivers for ISO 27001 • Clients need confidence in their supply chain. • Breaches of Personal Data can bring fines up to £500k by the Information Commissioner. • Data Handling Review 2008 – better information security in Govt and down the food chain. • Improved reputational protection. • Balance expenditure to the information security risk.
  • 10. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 1 - Compliance ISO 27001 can bring in the methodology that enables organisations to comply in the most efficient way. Certification is often the quickest ‘return on investment’ – if an organisation must comply to various regulations regarding data protection, privacy and IT governance (particularly if it is a financial, health or government organisation).
  • 11. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 2 - Marketing edge In a market which is more and more competitive, it is sometimes very difficult to find something that will differentiate you in the eyes of your customers. ISO 27001 could be indeed a unique selling point, especially if you handle clients’ sensitive information.
  • 12. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 3 - Lowering the expenses Information security is usually considered as a cost with no obvious financial gain. However, there is financial gain if you lower your expenses caused by incidents. You probably do have interruption in service, or occasional data leakage, or disgruntled employees. Or disgruntled former employees.
  • 13. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 4 - Putting your business in order ISO 27001 is particularly good in sorting out those thorny management system issues – it forces you to define very precisely both the responsibilities and duties, and therefore strengthen your internal organisation.
  • 14. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Accredited Certification •Provides evidence of Information Security Management System assurance. •Verified by independent auditor. •In UK authority is UKAS Accredited Certification scheme: World wide recognition. •National certification body – member of International Accreditation Forum.
  • 15. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 The central role of risk assessment in ISO 27001 ISO 27001:2005 conformance requires implementation and documentation of an Information Security Management System (ISMS) implementing controls selected in accordance with 4.2..1.g, (control objectives in Annex A)
  • 16. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 The central role of risk assessment in ISO 27001 •Structured ISMS gives: • Best practice. • Marketing opportunities. • Compliance to Corporate Governance requirements. • Appropriate action to comply with law. • Systematic approach to risks. • Credibility with staff, customers and partner organisations. • Informed decisions on security investments.
  • 17. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Next Steps – Upcoming Educational Webinars • Webinar 2 - The Importance of Risk Management - Thursday May 16th, 4pm UK Time (Next week). • Webinar 3 - Carrying out a Risk Assessment using vsRisk - Thursday May 23rd, 4pm UK Time. • Webinar 4 - Maintaining and Updating your Risk Assessment using vsRisk - Thursday May 30th, 4pm UK Time. Includes announcement of special offer for vsRisk for webinar registrants. Registration details at http://www.vigilantsoftware.co.uk/webinars.aspx
  • 18. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Before the next webinars… Read a book… Read the world's first practical e-book guidance on achieving ISO 27001 certification and the nine essential steps to an effective ISMS implementation. Available for £25.95 (usually £29.95) http://www.vigilantsoftware.co.uk/pr oduct/1651.aspx Download a free trial of vsRisk The cyber security risk assessment tool compliant to ISO 27001 that automates and accelerates the risk management process. 15-day free trial at http://www.vigilantsoftware.co.uk
  • 19. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Next Steps – Want to know more? If you would like to know more about ISO 27001, including how to carry out an ISO 27001-compliant risk assessment, please visit http://www.vigilantsoftware.co.uk/ or email servicecentre@vigilantsoftware.co.uk.
  • 20. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Questions – we welcome them all! Please type your questions into the gotowebinar chat window – responses will generally be verbal and shared with all delegates.