© 2021 BT&CS Ltd 1
ISO 27001 Foundation
ISMS Terms & Acronyms
Prepared by: Stratos Lazaridis
Corporate Trainer and Management Consultant
Course Overview
▪ Module 1: Introduction
▪ Module 2: Information Security Management Systems (ISMS)
▪ Module 3: The ISO 27001 Standard
▪ Module 4: ISO 27001 at Business Level
▪ Module 5: Information Risk Assessment and Risk Management
▪ Module 6: Information Security
Notes:
1. This is a small sample of the slides associated with the delivery of the ISO 27001 Foundation training course.
2. For an overview of the course please click on the link https://www.btcsltd.co.uk/iso-27001-foundation
3. This course is delivered on demand to corporate clients; however, it can also be delivered on demand to
small groups of individual learners (min. 6 delegates).
4. If interested, please contact our lead trainer on 0749 114 7156 or email stratoslaz@aol.com
Module 1.1: Introduction - ISMS Terms & Acronyms
Terms & Acronyms (1/8)
▪ Asset: any tangible or intangible thing or characteristic that has value to an organization.
▪ Information assets, in e.g. paper or electronic form: valuable information content such as patents.
▪ Storage media, such as computer hardware, mobile IT devices, etc., many of which are relatively inexpensive commodities these days.
▪ Each asset should have an asset owner.
▪ Risk: the potential that a given threat will exploit vulnerabilities of an asset or group of assets and thereby cause harm to the organisation.
▪ Impact: the result of a security incident, caused by a threat, which affects assets.
▪ Impacts are the harmful effects or consequences of incidents and calamities affecting assets, damaging the organization and its business interests, and often third parties.
Terms & Acronyms (2/8)
▪ Vulnerability: a weakness of an asset or group of assets that can be exploited by one or more threats.
▪ Vulnerabilities are the inherent weaknesses within our facilities, technologies, processes (including information risk management itself!), people and relationships, some of which are not even recognized as such.
▪ Examples:
▪ Lack of fire-extinguishing system
▪ Lack of business continuity plans
▪ Lack of anti-virus software
▪ Lack of incident response procedures
▪ Obsolete equipment
▪ Lack of replacement
Terms & Acronyms (3/8)
▪ Incidents range in scale from minor, trivial or inconsequential events up to calamities, disasters and outright catastrophes.
▪ Threat: potential cause of an incident that may result in harm to a system or organisation.
▪ Threats are the actors (insiders and outsiders) and natural events that might cause incidents by acting on vulnerabilities, thereby causing impacts.
▪ Threat examples:
▪ Fire
▪ Earthquake
▪ Computer viruses
▪ Bomb threat
▪ Equipment malfunction
▪ Key people leaving the company (Key Persons’ Dependency)
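As an added example (not part of the original slides), the following Python model ties the definitions of asset, asset owner, vulnerability, threat, impact and risk together into a small risk register. The 1-5 likelihood and impact scale, the product score, the treatment threshold of 10, and the asset names and ratings are assumptions chosen for the example; ISO 27001 leaves the assessment method to the organisation.

```python
"""Risk register built from the ISMS terms: asset, asset owner, vulnerability,
threat, impact and risk. Added example, not from the original slides."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumption for this example: likelihood and impact are rated 1-5 and the
# risk score is their product; a score of 10 or more needs treatment.
RISK_THRESHOLD = 10


@dataclass(frozen=True)
class Vulnerability:
    description: str
    exploited_by: frozenset  # names of the threats that can act on this weakness


@dataclass(frozen=True)
class Asset:
    name: str
    owner: Optional[str]  # slides: each asset should have an asset owner
    vulnerabilities: Tuple[Vulnerability, ...] = ()


@dataclass(frozen=True)
class Risk:
    """A threat acting on a vulnerability of an asset (the slides' definition)."""
    asset: str
    threat: str
    vulnerability: str
    likelihood: int  # 1-5, how likely the threat is to act on the weakness
    impact: int      # 1-5, harm to the organisation if it does

    @property
    def score(self) -> int:
        return self.likelihood * self.impact


def build_register(assets, threats, ratings) -> List[Risk]:
    """One Risk per (asset, vulnerability, threat) where the threat can exploit
    the vulnerability. `ratings` maps (asset name, threat) -> (likelihood, impact);
    an unrated pair is an error rather than a silently guessed score."""
    register = []
    for asset in assets:
        for vuln in asset.vulnerabilities:
            for threat in threats:
                if threat not in vuln.exploited_by:
                    continue  # a weakness no listed threat can act on: no risk entry
                if (asset.name, threat) not in ratings:
                    raise ValueError(f"no rating for {asset.name!r} vs {threat!r}")
                likelihood, impact = ratings[(asset.name, threat)]
                register.append(Risk(asset.name, threat, vuln.description, likelihood, impact))
    return register


def unowned_assets(assets) -> List[str]:
    """Assets with no owner, which the ISMS should not allow."""
    return [a.name for a in assets if not a.owner]


def risks_needing_treatment(register, threshold=RISK_THRESHOLD) -> List[Risk]:
    """Risks at or above the threshold, highest score first."""
    return sorted((r for r in register if r.score >= threshold), key=lambda r: -r.score)


# Constructed sample data using the threat and vulnerability examples from the slides.
THREATS = ("Fire", "Computer viruses", "Key people leaving the company")

SAMPLE_ASSETS = (
    Asset("Server room", "Facilities manager", (
        Vulnerability("Lack of fire-extinguishing system", frozenset({"Fire"})),
    )),
    Asset("Finance workstations", "IT manager", (
        Vulnerability("Lack of anti-virus software", frozenset({"Computer viruses"})),
        Vulnerability("Lack of incident response procedures",
                      frozenset({"Computer viruses", "Fire"})),
    )),
    Asset("Patent filing process", None, (  # deliberately left without an owner
        Vulnerability("Key Persons' Dependency",
                      frozenset({"Key people leaving the company"})),
    )),
)

SAMPLE_RATINGS = {  # (asset, threat) -> (likelihood, impact); assumed values
    ("Server room", "Fire"): (2, 5),
    ("Finance workstations", "Computer viruses"): (4, 3),
    ("Finance workstations", "Fire"): (1, 4),
    ("Patent filing process", "Key people leaving the company"): (3, 4),
}


if __name__ == "__main__":
    register = build_register(SAMPLE_ASSETS, THREATS, SAMPLE_RATINGS)
    for risk in risks_needing_treatment(register):
        print(f"{risk.score:>2}  {risk.asset}: {risk.threat} via {risk.vulnerability}")
    print("assets without an owner:", unowned_assets(SAMPLE_ASSETS))
```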
Terms & Acronyms (4/8)
▪ Accountability: the responsibility for actions and processes.
▪ Audit: formal review of actions, processes, policies and procedures.
▪ Compliance: working in accordance with the actions, processes, policies and procedures laid down, without necessarily having independent reviews.
▪ Information Security: preservation of confidentiality, integrity and availability of information; in addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be included.
Terms & Acronyms (5/8)
▪ Identity: the properties of an individual or resource that can be used to uniquely identify one individual or resource.
▪ Authentication: ensuring that the identity of a subject or resource is the one claimed.
▪ Authorisation: the process of checking the authentication of an individual or resource in order to establish and confirm their authorised use of, or access to, information or other assets.
Terms & Acronyms (6/8)
▪ Information Security Management System (ISMS): a system of processes, documents, technology and people that helps to protect your company’s information assets (not just personal data) through a centrally managed framework.
▪ An ISMS describes and demonstrates your organisation’s approach to information security.
▪ It is about security policies and controls: how people and systems identify and manage the opportunities and threats revolving around valuable information and related assets.
▪ Cyber security addresses technology-led threats.
▪ Effective cyber security solutions are part of the broader ISMS.
Terms & Acronyms (7/8)
▪ Confidentiality: the property that information is not made available or disclosed to unauthorised individuals, entities or processes.
▪ Sensitive information must be available only to a set of predefined individuals.
▪ Unauthorized transmission and usage of information should be restricted.
▪ For example, confidentiality of information ensures that a customer's personal or financial information is not obtained by an unauthorized individual for malicious purposes such as identity theft or credit fraud.
▪ Integrity: the property of safeguarding the accuracy and completeness of assets.
▪ Information should not be altered in ways that render it incomplete or incorrect.
▪ Unauthorized users should be restricted from the ability to modify or destroy sensitive information.
Terms & Acronyms (8/8)
▪ Availability: the property of being accessible and usable upon demand by an authorised entity.
▪ Information should be accessible to authorized users any time that it is needed.
▪ Availability is a warranty that information can be obtained with an agreed-upon frequency and timeliness.
▪ This is often measured in terms of percentages and agreed to formally in Service Level Agreements (SLAs) used by network service providers and their enterprise clients.
▪ Continuity: information should be continuously available to the business user, and this is ensured through appropriate business continuity and disaster recovery preparedness.
[Diagram labels: ISO 27001, ISO 22301]
Module 1.2: Issuers of Standards
International Standards
▪ An international standard is a document that has been developed through the consensus of experts from many countries and is approved and published by a globally recognized body.
▪ It comprises rules, guidelines, processes, or characteristics that allow users to achieve the same outcome time and time again.
▪ International Standards:
▪ Make things work.
▪ Provide world-class specifications for products, services and systems, to ensure quality, safety and efficiency.
▪ Are instrumental in facilitating international trade.
ISO (International Organization for Standardization)
▪ Information about the ISO organisation:
▪ Formed in 1947
▪ NGO (Non-Governmental Organisation)
▪ HQ in Geneva, Switzerland
▪ Network of 162 national standardization bodies, forming an international cooperative
▪ Three (3) official languages: English, French and Russian
▪ ISO, through its members:
▪ Brings together experts to share knowledge and develop voluntary, consensus-based, market-relevant International Standards
▪ Standards support innovation and provide solutions to global challenges.
▪ To date ISO has issued 22,000+ standards covering almost all aspects of technology and manufacturing.
ISO Management System Standards (MSS)
▪ ISO MSS help organizations to improve their performance by specifying repeatable steps that organizations consciously implement to achieve their goals and objectives.
▪ ISO MSS help organizations to create an organizational culture that reflexively engages in a continuous cycle of self-evaluation, correction and improvement of operations and processes.
▪ This is achieved through heightened employee awareness and management leadership and commitment.
Popular ISO Standards, Including MSS
▪ ISO 639 Codes for the representation of names of languages
▪ ISO 4217 Codes for the representation of currencies
▪ ISO 8601 Data elements and interchange formats - Information interchange - Representation of dates and times
▪ ISO 9001 Quality Management Systems - Requirements
▪ ISO 13485 Medical Devices - Quality management systems - Requirements for regulatory purposes
▪ ISO 14001 Environmental Management Systems - Requirements
▪ ISO 17025 General requirements for the competence of testing and calibration laboratories
▪ ISO 20121 Event sustainability management systems - Requirements with guidance for use
▪ ISO 22000 Food Safety Management Systems - Requirements for any organization in the food chain
▪ ISO 26000 Guidance on Social Responsibility
▪ ISO 27001 Information Security Management Systems - Requirements
▪ ISO 31000 Risk Management - Principles and guidelines
▪ ISO 37001 Anti-bribery management systems
▪ ISO 45001 Occupational health and safety management systems - Requirements with guidance for use
▪ ISO 50001 Energy management systems - Requirements with guidance for use
IEC (International Electrotechnical Commission)
▪ The IEC is made up of members, called national committees (NCs).
▪ Each NC represents its nation's electrotechnical interests in the IEC.
▪ Information about the IEC organisation:
▪ Formed in 1906 in London, UK
▪ Private standard-setting organisation
▪ HQ in Geneva, Switzerland
▪ Three (3) official languages: English, French and Russian
▪ Prepares and publishes standards for all electrical, electronic and related technologies
▪ The above technologies are collectively known as electrotechnology.
BSI Group (British Standards Institution)
▪ Information about the BSI organisation:
▪ Founded in 1901
▪ National standards body of the United Kingdom
▪ Produces technical standards on a wide range of products and services
▪ Supplies certification and standards-related services to businesses
▪ Helps organizations all over the world make excellence a habit
▪ BSI clients range from high profile brands to small, local companies in 182 countries worldwide.
Module : The ISO 27000 Series of Information Security Standards
ISO/IEC 27000 Series of MSS (a.k.a. the “ISMS Family”) (1/4)
▪ The ISO/IEC 27000 series of standards is also known as ISO 27K for short.
▪ The series comprises information security standards jointly published by:
▪ The International Organization for Standardization (ISO)
▪ The International Electrotechnical Commission (IEC)
▪ The series:
▪ Provides best practice recommendations on information security management
▪ Is similar in design to other ISO series, such as the ISO 9000 series for quality assurance, the ISO 14000 series for environmental protection, etc.
The ISO 27000 Family of Management Systems Standards & Their Interrelationship
ISO/IEC 27000 Series of MSS (a.k.a. the “ISMS Family”) (2/4)
▪ The series is deliberately broad in scope, covering more than just privacy, confidentiality and IT-related technical cybersecurity issues.
▪ It is applicable to organizations of all shapes and sizes.
▪ All organizations are encouraged to:
▪ Use the guidance and suggestions from the ISO 27K series of standards where relevant.
▪ Assess their information risks.
▪ Treat them by using information security controls according to their needs.
ISO/IEC 27000 Series of MSS (a.k.a. the “ISMS Family”) (3/4)
▪ Given the dynamic nature of information risk and security, the ISMS concept incorporates continuous feedback and improvement activities to respond to changes in the threats, vulnerabilities or impacts of incidents.
▪ The management of information risks is achieved through the implementation of information security controls, within the context of an overall Information Security Management System (ISMS).
Examples of MSS of The ISO 27000 Series
ISO/IEC 27000 Series of MSS (a.k.a. the “ISMS Family”) (4/4)
▪ The standards are the product of ISO/IEC JTC1 (Joint Technical Committee 1) SC27 (Subcommittee 27).
▪ SC27 is an international body that meets in person twice a year.
▪ The ISO/IEC standards are sold directly by ISO, mostly in English, French and Chinese.
▪ Sales outlets associated with various national standards bodies also sell translated versions in other languages directly.
Continued …
USEFUL INFORMATION
About the Trainer: Stratos Lazaridis
▪ LinkedIn: linkedin.com/in/stratos-lazaridis-604aab5
▪ E-mail stratoslaz@aol.com
▪ Mob: +44(0)0749 114 7156
About our company: BT&CS (Business Training & Consulting Services Ltd)
For questions regarding our training courses and consulting services, please visit our website
https://www.btcsltd.co.uk
For other queries (including no-obligation quotes), please contact me:
▪ E-mail stratoslaz@aol.com
▪ Mob: +44(0)0749 114 7156
Useful Links to web pages on our website
• Catalogue of ALL training courses https://www.btcsltd.co.uk/catalogue-of-training-courses
• General course information https://www.btcsltd.co.uk/general-course-information
• Frequently asked questions about our courses https://www.btcsltd.co.uk/faq-for-training-courses
• Customer satisfaction charter https://www.btcsltd.co.uk/customer-satisfaction-charter
• Terms & conditions https://www.btcsltd.co.uk/terms-and-conditions

 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC   History collection FORMAT.pptxPSYCHIATRIC   History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPoojaSen20
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 

Recently uploaded (20)

URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of Powders
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC   History collection FORMAT.pptxPSYCHIATRIC   History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptx
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 

ISO 27001 Foundation sample slides

• 5. Terms & Acronyms (2/8)
▪ Vulnerability. A weakness of an asset or group of assets that can be exploited by one or more threats.
▪ Vulnerabilities are the inherent weaknesses within our facilities, technologies, processes (including information risk management itself!), people and relationships, some of which are not even recognized as such.
▪ Examples:
  ▪ Lack of a fire-extinguishing system
  ▪ Lack of business continuity plans
  ▪ Lack of anti-virus software
  ▪ Lack of incident response procedures
  ▪ Obsolete equipment
  ▪ Lack of replacement
• 6. Terms & Acronyms (3/8)
▪ Incidents range in scale from minor, trivial or inconsequential events up to calamities, disasters and outright catastrophes.
▪ Threat. Potential cause of an incident that may result in harm to a system or organisation.
▪ Threats are the actors (insiders and outsiders) and natural events that might cause incidents if they acted on vulnerabilities, causing impacts.
▪ Threat examples:
  ▪ Fire
  ▪ Earthquake
  ▪ Computer viruses
  ▪ Bomb threat
  ▪ Equipment malfunction
  ▪ Key people leaving the company (key-person dependency)
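To show how the terms on slides 4 to 6 fit together (an asset, a threat acting on a vulnerability, an impact, and the resulting risk), here is an added worked example in Python. It is not part of the BT&CS slides: the 1-to-5 likelihood and impact scales, the likelihood x impact formula and the acceptance threshold of 8 are assumptions chosen for illustration (ISO 27001 does not prescribe a scoring method), and the register entries are constructed sample data that reuse the threat and vulnerability examples from the slides.

```python
"""Asset, threat, vulnerability, impact and risk in one small register.

Added illustration, not part of the BT&CS slides. The 1-5 scales, the
likelihood x impact formula and the acceptance threshold are assumptions;
ISO 27001 leaves the risk assessment method to the organisation.
"""
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class RiskScenario:
    asset: str            # tangible or intangible thing of value to the organisation
    threat: str           # potential cause of an incident
    vulnerability: str    # weakness of the asset that the threat could exploit
    likelihood: int       # assumed scale: 1 (rare) .. 5 (almost certain)
    impact: int           # assumed scale: 1 (negligible) .. 5 (catastrophic)

    def risk_level(self) -> int:
        """Risk: the potential that the threat exploits the vulnerability and causes harm.

        Assumed method: likelihood multiplied by impact, giving a 1..25 score.
        """
        if not (1 <= self.likelihood <= 5 and 1 <= self.impact <= 5):
            raise ValueError("likelihood and impact must be on the 1-5 scale")
        return self.likelihood * self.impact


RISK_ACCEPTANCE_THRESHOLD = 8  # assumed: scores above this are not accepted as-is

# Constructed sample register reusing the threat and vulnerability examples on the slides.
REGISTER: List[RiskScenario] = [
    RiskScenario("Customer database server", "Fire",
                 "Lack of fire-extinguishing system", likelihood=2, impact=5),
    RiskScenario("Laptop fleet", "Computer viruses",
                 "Lack of anti-virus software", likelihood=4, impact=3),
    RiskScenario("Payroll process", "Key person leaving the company",
                 "Undocumented procedures, single expert", likelihood=3, impact=3),
    RiskScenario("Office printer", "Equipment malfunction",
                 "Obsolete equipment", likelihood=4, impact=1),
]


def risks_needing_treatment(register: List[RiskScenario],
                            threshold: int = RISK_ACCEPTANCE_THRESHOLD) -> List[RiskScenario]:
    """Scenarios whose risk exceeds the acceptance threshold, highest risk first."""
    above = [s for s in register if s.risk_level() > threshold]
    return sorted(above, key=lambda s: s.risk_level(), reverse=True)


if __name__ == "__main__":
    for s in risks_needing_treatment(REGISTER):
        print(f"{s.risk_level():2d}  {s.asset}: {s.threat} via '{s.vulnerability}'")
```

With the sample data the printer scenario (4 x 1 = 4) falls below the threshold and is accepted, while the other three are listed for treatment; changing either the likelihood (e.g. after deploying anti-virus software) or the impact (e.g. after adding backups) changes the score, which is exactly what risk treatment with controls is meant to do.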
• 7. Terms & Acronyms (4/8)
▪ Accountability. The responsibility for actions and processes (the ability to trace an action back to the individual or entity responsible for it).
▪ Audit. Formal review of actions, processes, policies and procedures.
▪ Compliance. Working in accordance with the actions, processes, policies and procedures laid down, without necessarily having independent reviews.
▪ Information Security. Preservation of confidentiality, integrity and availability of information; in addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be included.
• 8. Terms & Acronyms (5/8)
▪ Identity. The properties of an individual or resource that can be used to uniquely identify one individual or resource.
▪ Authentication. Ensuring that the identity claimed by a subject or resource is the one it actually has (verifying the claimed identity).
▪ Authorisation. The process of establishing and confirming what an already authenticated individual or resource is permitted to do: which information or other assets it may use or access, and how. Authentication settles who the subject is; authorisation decides what that subject may do. Passing one does not imply passing the other.
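The distinction between authentication and authorisation on slide 8 is easiest to see in code. The following Python example is added here and is not code from the BT&CS slides; the user store, the salted PBKDF2 password hashing, the permission table and the "ledger" resource are all constructed for illustration. The point it demonstrates: a subject who authenticates successfully (bob) is still refused an action the policy does not grant him, because authorisation is a separate decision made after, not as part of, authentication.

```python
"""Authentication (who are you?) versus authorisation (what may you do?).

Added example, not code from the BT&CS slides. Users, passwords, the
permission table and the 'ledger' resource are constructed for illustration.
Passwords are stored as salted PBKDF2-HMAC-SHA256 hashes, never in clear.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional, Set, Tuple

PBKDF2_ITERATIONS = 100_000  # assumed work factor for this example


def make_credential(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, hash) suitable for storage; the password itself is not kept."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


# Constructed identity store: identity -> (salt, password hash)
USERS: Dict[str, Tuple[bytes, bytes]] = {
    "alice": make_credential("correct horse battery staple"),
    "bob": make_credential("hunter2"),
}

# Constructed authorisation policy: identity -> resource -> permitted actions
PERMISSIONS: Dict[str, Dict[str, Set[str]]] = {
    "alice": {"ledger": {"read", "write"}},
    "bob": {"ledger": {"read"}},
}


def authenticate(identity: str, password: str) -> bool:
    """Confirm that the claimed identity is the one presented, via the shared secret."""
    record = USERS.get(identity)
    if record is None:
        # Do the same expensive hash for unknown users so a timing difference
        # does not reveal which identities exist.
        make_credential(password, b"\x00" * 16)
        return False
    salt, stored = record
    _, presented = make_credential(password, salt)
    # Constant-time comparison: do not leak how many bytes matched.
    return hmac.compare_digest(stored, presented)


def authorise(identity: str, resource: str, action: str) -> bool:
    """Decide whether an already authenticated identity may perform the action."""
    return action in PERMISSIONS.get(identity, {}).get(resource, set())


def access(identity: str, password: str, resource: str, action: str) -> str:
    """Access decision: authentication first, then a separate authorisation check."""
    if not authenticate(identity, password):
        return "denied: not authenticated"
    if not authorise(identity, resource, action):
        return "denied: authenticated but not authorised"
    return "allowed"


if __name__ == "__main__":
    print(access("bob", "hunter2", "ledger", "read"))    # bob may read
    print(access("bob", "hunter2", "ledger", "write"))   # bob is who he says, but may not write
    print(access("bob", "wrong", "ledger", "read"))      # not even authenticated
```

In a production system the identity store and the password hashing would come from a vetted library or an identity provider rather than a dictionary, but the order of the two checks, and the fact that they answer different questions, is the same.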
• 9. Terms & Acronyms (6/8)
▪ Information Security Management System (ISMS). A system of processes, documents, technology and people that helps to protect your company's information assets (not just personal data) through a centrally managed framework.
▪ An ISMS describes and demonstrates your organisation's approach to information security:
  ▪ It is about security policies and controls.
  ▪ How people and systems identify and manage the opportunities and threats revolving around valuable information and related assets.
▪ Cyber security addresses technology-led threats.
▪ Effective cyber security solutions are part of the broader ISMS.
• 10. Terms & Acronyms (7/8)
▪ Confidentiality. The property that information is not made available or disclosed to unauthorised individuals, entities or processes.
  ▪ Sensitive information must be available only to a set of predefined individuals.
  ▪ Unauthorized transmission and usage of information should be restricted.
  ▪ Example: confidentiality of information ensures that a customer's personal or financial information is not obtained by an unauthorized individual for malicious purposes such as identity theft or credit fraud.
▪ Integrity. The property of safeguarding the accuracy and completeness of assets.
  ▪ Information should not be altered in ways that render it incomplete or incorrect.
  ▪ Unauthorized users should be restricted from the ability to modify or destroy sensitive information.
• 11. Terms & Acronyms (8/8)
▪ Availability. The property of being accessible and usable upon demand by an authorised entity.
  ▪ Information should be accessible to authorized users any time that it is needed.
  ▪ Availability is a warranty that information can be obtained with an agreed-upon frequency and timeliness.
  ▪ This is often measured in terms of percentages and agreed formally in Service Level Agreements (SLAs) between network service providers and their enterprise clients.
▪ Continuity. Information should be continuously available to the business user; this is ensured through appropriate business continuity and disaster recovery preparedness.
▪ Standards referenced on the slide: ISO 27001 (information security management) and ISO 22301 (business continuity management).
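Slide 11 says availability is measured as a percentage and agreed in SLAs. The Python example below, added here and not taken from the BT&CS slides, turns that into a check a practitioner would actually run: it converts an SLA target into a downtime budget for a reporting period and measures achieved availability from outage records. The 99.9 % target, the 30-day period and the outage intervals are constructed sample data. It also handles two details that naive calculations get wrong: overlapping outages are counted once, and an outage that straddles the period boundary only counts for the part that falls inside the period.

```python
"""Availability as a percentage against an SLA target.

Added example, not from the BT&CS slides. The SLA figure, the reporting
period and the outage records below are constructed for illustration.
"""
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

Interval = Tuple[datetime, datetime]


def downtime_budget(period_start: datetime, period_end: datetime, sla_percent: float) -> timedelta:
    """Maximum downtime the SLA tolerates within the period (e.g. 99.9 % of 30 days -> 43.2 min)."""
    return (period_end - period_start) * (1 - sla_percent / 100)


def measured_availability(period_start: datetime, period_end: datetime,
                          outages: List[Interval]) -> Tuple[float, timedelta]:
    """Return (availability %, total downtime) for the period.

    Outages are clipped to the period and overlapping outages are merged,
    so the same minute of unavailability is never counted twice.
    """
    clipped = sorted(
        (max(start, period_start), min(end, period_end))
        for start, end in outages
        if end > period_start and start < period_end
    )
    merged: List[Interval] = []
    for start, end in clipped:
        if merged and start <= merged[-1][1]:
            merged[-1] = (merged[-1][0], max(merged[-1][1], end))
        else:
            merged.append((start, end))
    down = sum((end - start for start, end in merged), timedelta())
    total = period_end - period_start
    return 100 * (1 - down / total), down


def sla_report(period_start: datetime, period_end: datetime,
               sla_percent: float, outages: List[Interval]) -> Dict[str, object]:
    """Compare measured availability with the SLA and report the remaining downtime budget."""
    availability, down = measured_availability(period_start, period_end, outages)
    budget = downtime_budget(period_start, period_end, sla_percent)
    return {
        "availability_percent": round(availability, 3),
        "downtime": down,
        "budget": budget,
        "remaining_budget": budget - down,
        "sla_met": availability >= sla_percent,
    }


# Constructed sample: a 30-day month, a 99.9 % SLA and three outages, two of
# which overlap and one of which runs past the end of the month.
MONTH_START = datetime(2021, 9, 1)
MONTH_END = datetime(2021, 10, 1)
OUTAGES: List[Interval] = [
    (datetime(2021, 9, 3, 10, 0), datetime(2021, 9, 3, 10, 20)),    # 20 min
    (datetime(2021, 9, 3, 10, 15), datetime(2021, 9, 3, 10, 30)),   # overlaps: adds 10 min
    (datetime(2021, 9, 30, 23, 50), datetime(2021, 10, 1, 0, 30)),  # only 10 min fall in September
]

if __name__ == "__main__":
    for key, value in sla_report(MONTH_START, MONTH_END, 99.9, OUTAGES).items():
        print(f"{key}: {value}")
```

For the sample data the merged downtime is 40 minutes against a budget of 43.2 minutes, so the 99.9 % SLA is met with 3.2 minutes to spare; the same outages would breach a 99.95 % SLA, whose budget is only 21.6 minutes.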
• 12. Module 1.2: Issuers of Standards
• 13. International Standards
▪ An international standard is a document that has been developed through the consensus of experts from many countries and is approved and published by a globally recognized body.
▪ It comprises rules, guidelines, processes or characteristics that allow users to achieve the same outcome time and time again.
▪ International standards:
  ▪ Make things work.
  ▪ Provide world-class specifications for products, services and systems, to ensure quality, safety and efficiency.
  ▪ Are instrumental in facilitating international trade.
• 14. ISO (International Organization for Standardization)
▪ Information about the ISO organisation:
  ▪ Formed in 1947
  ▪ NGO (non-governmental organisation)
  ▪ HQ in Geneva, Switzerland
  ▪ Network of 162 national standardization bodies, forming an international cooperative
  ▪ Three (3) official languages: English, French and Russian
▪ ISO, through its members:
  ▪ Brings together experts to share knowledge and develop voluntary, consensus-based, market-relevant International Standards
  ▪ Its standards support innovation and provide solutions to global challenges
▪ To date ISO has issued 22,000+ standards covering almost all aspects of technology and manufacturing.
• 15. ISO Management System Standards (MSS)
▪ ISO MSS help organizations to improve their performance by specifying repeatable steps that organizations consciously implement to achieve their goals and objectives.
▪ ISO MSS help organizations to create an organizational culture that reflexively engages in a continuous cycle of self-evaluation, correction and improvement of operations and processes.
▪ This is achieved through heightened employee awareness and management leadership and commitment.
• 16. Popular ISO Standards, Including MSS
▪ ISO 639 Codes for the representation of names of languages
▪ ISO 4217 Codes for the representation of currencies
▪ ISO 8601 Data elements and interchange formats - Information interchange - Representation of dates and times
▪ ISO 9001 Quality Management Systems - Requirements
▪ ISO 13485 Medical Devices - Quality management systems - Requirements for regulatory purposes
▪ ISO 14001 Environmental Management Systems - Requirements
▪ ISO 17025 General requirements for the competence of testing and calibration laboratories
▪ ISO 20121 Event sustainability management systems - Requirements with guidance for use
▪ ISO 22000 Food Safety Management Systems - Requirements for any organization in the food chain
▪ ISO 26000 Guidance on Social Responsibility
▪ ISO 27001 Information Security Management Systems - Requirements
▪ ISO 31000 Risk Management - Principles and guidelines
▪ ISO 37001 Anti-bribery management systems
▪ ISO 45001 Occupational health and safety management systems - Requirements with guidance for use
▪ ISO 50001 Energy management systems - Requirements with guidance for use
• 17. IEC (International Electrotechnical Commission)
▪ The IEC is made up of members, called national committees (NCs).
▪ Each NC represents its nation's electrotechnical interests in the IEC.
▪ Information about the IEC organisation:
  ▪ Formed in 1906 in London, UK
  ▪ Private standard-setting organisation
  ▪ HQ in Geneva, Switzerland
  ▪ Three (3) official languages: English, French and Russian
  ▪ Prepares and publishes standards for all electrical, electronic and related technologies
▪ The above technologies are collectively known as electrotechnology.
• 18. BSI Group (British Standards Institution)
▪ Information about the BSI organisation:
  ▪ Founded in 1901
  ▪ National standards body of the United Kingdom
  ▪ Produces technical standards on a wide range of products and services
  ▪ Supplies certification and standards-related services to businesses
  ▪ Helps organizations all over the world make excellence a habit
▪ BSI clients range from high-profile brands to small, local companies in 182 countries worldwide.
• 19. Module: The ISO 27000 Series of Information Security Standards
• 20. ISO/IEC 27000 Series of MSS (a.k.a. the "ISMS Family") (1/4)
▪ The ISO/IEC 27000 series of standards is also known as ISO 27K for short.
▪ The series comprises information security standards jointly published by:
  ▪ The International Organization for Standardization (ISO)
  ▪ The International Electrotechnical Commission (IEC)
▪ The series:
  ▪ Provides best-practice recommendations on information security management.
  ▪ Is similar in design to other ISO series, such as the ISO 9000 series for quality management and the ISO 14000 series for environmental management.
• 21. The ISO 27000 Family of Management System Standards & Their Interrelationship (diagram slide)
• 22. ISO/IEC 27000 Series of MSS (a.k.a. the "ISMS Family") (2/4)
▪ The series is deliberately broad in scope, covering more than just privacy, confidentiality and IT-related technical cybersecurity issues.
▪ It is applicable to organizations of all shapes and sizes.
▪ All organizations are encouraged to:
  ▪ Use the guidance and suggestions from the ISO 27K series of standards where relevant.
  ▪ Assess their information risks.
  ▪ Treat them by using information security controls according to their needs.
• 23. ISO/IEC 27000 Series of MSS (a.k.a. the "ISMS Family") (3/4)
▪ Given the dynamic nature of information risk and security, the ISMS concept incorporates continuous feedback and improvement activities to respond to changes in the threats, vulnerabilities or impacts of incidents.
▪ The management of information risks is achieved through the implementation of information security controls, within the context of an overall Information Security Management System (ISMS).
• 24. Examples of MSS of the ISO 27000 Series (diagram slide)
• 25. ISO/IEC 27000 Series of MSS (a.k.a. the "ISMS Family") (4/4)
▪ The standards are the product of ISO/IEC JTC 1 (Joint Technical Committee 1) SC 27 (Subcommittee 27), an international body that meets in person twice a year.
▪ The ISO/IEC standards are sold directly by ISO, mostly in English, French and Chinese.
▪ Sales outlets associated with various national standards bodies also sell directly translated versions in other languages.
Continued …
• 26. Useful Information
About the trainer: Stratos Lazaridis
▪ LinkedIn: linkedin.com/in/stratos-lazaridis-604aab5
▪ E-mail: stratoslaz@aol.com
▪ Mob: +44 (0)749 114 7156
About our company: BT&CS (Business Training & Consulting Services Ltd)
For questions regarding our training courses and consulting services, please visit our website https://www.btcsltd.co.uk
For other queries (including no-obligation quotes), please contact me:
▪ E-mail: stratoslaz@aol.com
▪ Mob: +44 (0)749 114 7156
Useful links to web pages on our website:
• Catalogue of ALL training courses: https://www.btcsltd.co.uk/catalogue-of-training-courses
• General course information: https://www.btcsltd.co.uk/general-course-information
• Frequently asked questions about our courses: https://www.btcsltd.co.uk/faq-for-training-courses
• Customer satisfaction charter: https://www.btcsltd.co.uk/customer-satisfaction-charter
• Terms & conditions: https://www.btcsltd.co.uk/terms-and-conditions