Project plan for ISO 27001 implementation


Why ISO 27001?

Subtitle or presenter

5/1/2020

By implementing information security, you help both your company and yourself

Copyright ©2014 9001Academy. All rights reserved.


Content

• Basic information about ISO 27001
• The purpose of ISO 27001
• The ISO 27001 framework
• ISO 27001 myths
• Benefits for our company
• Implementation details
• Your role in the implementation


Basic information about ISO 27001

• International standard, published by ISO
• Developed by leading information security experts
• Applicable to any industry
• Applicable to any size company
• More than 20,000 companies have certified worldwide


The purpose of ISO 27001

Preservation of:

• Confidentiality
• Integrity
• Availability


How to protect the information

Controls (safeguards):

• Procedure
• Password
• Encryption
• Legal
• Training & awareness


What is information security?

Information


The ISO 27001 framework

• Risk assessment & treatment
• 114 controls from Annex A

ISO 27001 myths

• “This is an IT job”
• “It’s all about writing policies and procedures”
• “We’ll get lost in all those documents”
• “ISO 27001 will only make our job more difficult”
• “It will be implemented in 2 months”
• “We do it only because of the certification”


Benefits for our company

• Compliance
• Lowering the expenses
• Marketing edge
• Optimizing business processes


Implementation details

• Project manager: [insert name]
• Project sponsor: [insert name]
• Project duration: [insert number of months]


Your role in the implementation

• Suggest which processes to document
• Suggest changes in existing & new policies and procedures
• Read all the new documents and attend awareness & training sessions
• Comply with policies and procedures once they are published


ISO 27001 helps you put all the pieces together (if done properly)


Thank you!

Presenter’s name

Copyright ©2014 27001Academy. All rights reserved.