Project plan for ISO 27001 implementation

Why ISO 27001?
Subtitle or presenter
By implementing information security, you help both your company and yourself
7/16/2015
Copyright ©2014 9001Academy. All rights reserved.
Content
• Basic information about ISO 27001
• The purpose of ISO 27001
• The ISO 27001 framework
• ISO 27001 myths
• Benefits for our company
• Implementation details
• Your role in the implementation
Basic information about ISO 27001
• International standard, published by ISO
• Developed by leading information security experts
• Applicable to any industry
• Applicable to any size company
• More than 20,000 companies have certified worldwide
The purpose of ISO 27001
Preservation of:
• Confidentiality
• Integrity
• Availability
How to protect the information
Controls (safeguards):
• Procedure
• Password
• Encryption
• Legal
• Training & awareness
What is information security?
Information
The ISO 27001 framework
• 114 controls from Annex A
• Risk assessment & treatment
ISO 27001 myths
• “This is an IT job”
• “It’s all about writing policies and procedures”
• “We’ll get lost in all those documents”
• “ISO 27001 will only make our job more difficult”
• “It will be implemented in 2 months”
• “We do it only because of the certification”
Benefits for our company
• Compliance
• Marketing edge
• Lowering the expenses
• Optimizing business processes
Implementation details
• Project manager: [insert name]
• Project sponsor: [insert name]
• Project duration: [insert number of months]
Your role in the implementation
• Suggest which processes to document
• Suggest changes in existing & new policies and procedures
• Read all the new documents and attend awareness & training sessions
• Comply with policies and procedures once they are published
ISO 27001 helps you put all the pieces together (if done properly)
Thank you!
Presenter’s name
Copyright ©2014 27001Academy. All rights reserved.