Presentation is loading. Please wait.

Presentation is loading. Please wait.

PhoenixPro Procurement. technology. contracts. projects.

Published byJaiden Rippon Modified over 10 years ago

Similar presentations

Presentation on theme: "PhoenixPro Procurement. technology. contracts. projects."— Presentation transcript:

1 PhoenixPro Procurement. technology. contracts. projects.

2 PhoenixPro Procurement. technology. contracts. projects.

3 Roadmap to ISO27001 Certification
Initial Interviews Define ISMS Scope & Objectives Define ISMS Policy Statement Management Sign-off ISMS Foundation Asset Register Threat & Vulnerability Analysis Business Impact Analysis Risk Assessment Risk Treatment Plan Statement of Applicability Gap Analysis Management Approval Planning & Risk Analysis Implementation Plan Process Controls Security Solutions Vulnerability Management and Attack & Penetration Awareness & User Training Evidence Gathering Implementation Planning & Execution Internal Audit Control Effectiveness Review Pre Audit Review & Evaluation Internal "Mock" Review Management Review Pre Audit Preparations Readiness for Certification Audit ISMS Quality Assurance

4 Practical Tips & Hints PhoenixPro Why do it? Is it worth it?
How technical is the external certification audit? Is it “all or nothing”? I am compliant, how do I justify certification? Why not do it on our own? Type of resources needed? Key Areas to Watch ISO27001 is not shelf ware Policies means €€€€s!!! All “Assessments” need to be fair DR / BCP a particular challenge Outsourcing is allowed WITH SLAs Procurement. Contracts. Technology. Projects.

5 PhoenixPro Procurement. technology. contracts. projects.
Georgios A. korellis PhoenixPro Procurement. technology. contracts. projects.

Download ppt "PhoenixPro Procurement. technology. contracts. projects."

Similar presentations

ISMS implementation and certification process overview

ISMS implementation and certification process overview
Innovation or Necessity? ISM 158 By: Sepehr Saeb.

Innovation or Necessity? ISM 158 By: Sepehr Saeb.
Dr Lami Kaya LamiKaya@gmail.com ISO 27001 Information Security Management System (ISMS) Certification Overview Dr Lami Kaya LamiKaya@gmail.com.

Dr Lami Kaya ISO Information Security Management System (ISMS) Certification Overview Dr Lami Kaya
1 Dr. Ashraf El-Farghly SECC. 2 Level 3 focus on the organization - Best practices are gathered across the organization. - Processes are tailored depending.

1 Dr. Ashraf El-Farghly SECC. 2 Level 3 focus on the organization - Best practices are gathered across the organization. - Processes are tailored depending.
Developing a Risk-Based Information Security Program

Developing a Risk-Based Information Security Program
Internal environmental audit - Conf.dr.ing. Oana Brinzan – UAV Arad.

Internal environmental audit - Conf.dr.ing. Oana Brinzan – UAV Arad.
Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous.

Government Information Assurance (GIA) Policy. 2 Current Scenario  It is a connected world!  More and More services are being provided online  Continuous.
Protection of Information Assets I. Joko Dewanto 1.

Protection of Information Assets I. Joko Dewanto 1.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Information Security Policies and Standards

Information Security Policies and Standards
First Practice - Information Security Management System Implementation and ISO 27001 Certification.

First Practice - Information Security Management System Implementation and ISO Certification.
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
SOX & ISO 27001 Protect your data and be ready to be audited!!!

SOX & ISO Protect your data and be ready to be audited!!!
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Risk Management Vs Risk avoidance William Gillette.

Risk Management Vs Risk avoidance William Gillette.
Fraud Prevention and Risk Management

Fraud Prevention and Risk Management
1 BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING Reducing your Risk Profile MIDWEST DATA RECOVERY INC.

1 BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING Reducing your Risk Profile MIDWEST DATA RECOVERY INC.
CMGT400 Intro to Information Assurance and Security (University of Phoenix) Lecture, Week 4 Tom Olzak, MBA, CISSP.

CMGT400 Intro to Information Assurance and Security (University of Phoenix) Lecture, Week 4 Tom Olzak, MBA, CISSP.
SecureAware Building an Information Security Management System.

SecureAware Building an Information Security Management System.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.

Similar presentations

Ads by Google