Presentation is loading. Please wait.

Presentation is loading. Please wait.

Project proposal for ISO 27001:2013 implementation

Published by혜리 순 Modified over 5 years ago

Similar presentations

Presentation on theme: "Project proposal for ISO 27001:2013 implementation"— Presentation transcript:

1 Project proposal for ISO 27001:2013 implementation
Subtitle or presenter In this presentation we’ll show some relevant information about ISO implementation to help your management make an informed decision on how to better protect their organization’s information and business.

2 Copyright ©2015 27001Academy. All rights reserved.
Content Reasons for implementation Purpose of the project Benefits of an ISMS Implementation details Milestones Resources Deliverables The structure of your business case to support ISO27001 implementation. 9/21/2018 Copyright © Academy. All rights reserved.

3 Reasons for implementation (1/2)
Primary reasons: Improve interested parties’ trust by assuring compliance with their requirements Improve marketing edge (image and credibility) by attaining certification to ISO 27001 Reduce expenses related to information security incidents Improve internal organization by better defining responsibilities and duties Interested parties: shareholders, employees, suppliers, regulators, management, clients, etc. For more detailed information about how to present this reasons, see the article 9/21/2018 Copyright © Academy. All rights reserved.

4 Reasons for implementation (1/2)
Compliance Marketing edge Lowering the expenses Optimizing business processes <Alternative version of the previous slide. Include only what fits you best> Interested parties: shareholders, employees, suppliers, regulators, management, clients, etc. For more detailed information about how to present this reasons, see the article 9/21/2018 Copyright © Academy. All rights reserved.

5 Reasons for implementation (2/2)
Secondary reasons: Integrate information security to business process for better alignment Improve decisions by basing them on data from the information security management system Create a culture of continual improvement of the information security Improve employee, and other interested parties’, engagement in information security improvement 9/21/2018 Copyright © Academy. All rights reserved.

6 The purpose of the project
What do we want to achieve? Gain ISO certification by [date] through: Defining the ISMS framework Identifying the current risk scenario Selecting and implementing proper security controls Providing proper awareness, training, and education to the users Providing relevant information to management for the first critical review of the ISMS for continual improvement Selecting the proper certification body to certify the system 9/21/2018 Copyright © Academy. All rights reserved.

7 Implementation details
Project manager: [insert name] Project sponsor: [insert name] Project duration: [insert number of months] Project manager – write here the person who will coordinate the implementation of ISO 27001 Project sponsor – write here someone from the top management who will provide you with support for your project Project duration – calculate the time needed using this free calculator: 9/21/2018 Copyright © Academy. All rights reserved.

8 Copyright ©2015 27001Academy. All rights reserved.
Milestones Milestone Due date Initiation Planning ISMS framework Risk assessment Implementation Internal Audit Management Review Corrective Actions Certification Audit Continual Improvement Setup 9/21/2018 Copyright © Academy. All rights reserved.

9 Copyright ©2015 27001Academy. All rights reserved.
Resources (1/2) Human resources Internal resources – [list internal resources, e.g., group name] External resources – [list external resources, e.g., consulting company] Technical resources Tool – [Tool name] Equipment – [list equipment needed] 9/21/2018 Copyright © Academy. All rights reserved.

10 Copyright ©2015 27001Academy. All rights reserved.
Resources (2/2) Financial resources Amount: [define amount of money needed to finish the project] Cost types: [split costs according to the cost type and include all resources listed here, e.g., human resources – internal and external, technical, and other resources] Other resources Documentation templates 9/21/2018 Copyright © Academy. All rights reserved.

11 Copyright ©2015 27001Academy. All rights reserved.
Deliverables ISMS General requirements documents ISMS related documents defined by the organization (e.g., documents for security controls Definition of risk assessment methodology and organization’s risk profile Measurement, analysis, and improvement processes 9/21/2018 Copyright © Academy. All rights reserved.

12 Project proposal for ISO 27001 implementation
Click icon to add picture Project proposal for ISO implementation Presenter’s name 9/21/2018 Copyright © Academy. All rights reserved.

Download ppt "Project proposal for ISO 27001:2013 implementation"

Similar presentations

Is your company drowning in a sea of documents and regulations ? Quality Systems Integrators presents... TMSWeb Quality Management Compliance System.

Is your company drowning in a sea of documents and regulations ? Quality Systems Integrators presents... TMSWeb Quality Management Compliance System.
Program Management Office (PMO) Design

Program Management Office (PMO) Design
Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.

Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.
ISO General Awareness Training

ISO General Awareness Training
ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.
First Practice - Information Security Management System Implementation and ISO 27001 Certification.

First Practice - Information Security Management System Implementation and ISO Certification.
ISO Energy Management System Certification

ISO Energy Management System Certification
Project plan for ITIL implementation

Project plan for ITIL implementation
Project plan for ISO 20000 implementation Subtitle or presenter.

Project plan for ISO implementation Subtitle or presenter.
Fraud Prevention and Risk Management

Fraud Prevention and Risk Management
Effectively applying ISO9001:2000 clauses 5 and 8

Effectively applying ISO9001:2000 clauses 5 and 8
ISO Initiatives & CSR in the EU Deborah Evans Business Manager: Corporate Reporting & Assurance LRQA A member of the Lloyd’s Register Group.

ISO Initiatives & CSR in the EU Deborah Evans Business Manager: Corporate Reporting & Assurance LRQA A member of the Lloyd’s Register Group.
All Rights Reserved, Juran Institute, Inc. Transforming Your Health Care System into a Baldrige Winner.

All Rights Reserved, Juran Institute, Inc. Transforming Your Health Care System into a Baldrige Winner.
Roles and Responsibilities

Roles and Responsibilities
CSI - Introduction General Understanding. What is ITSM and what is its Value? ITSM is a set of specialized organizational capabilities for providing value.

CSI - Introduction General Understanding. What is ITSM and what is its Value? ITSM is a set of specialized organizational capabilities for providing value.
The ISO 27000 Standards Get Familiar or Stay Away? PrivaTech Consulting www.privatech.ca Presenter: Fazila Nurani, B.A.Sc., (E.Eng.), LL.B., CIPP/C.

The ISO Standards Get Familiar or Stay Away? PrivaTech Consulting Presenter: Fazila Nurani, B.A.Sc., (E.Eng.), LL.B., CIPP/C.
Principles of Information Systems, Sixth Edition Systems Design, Implementation, Maintenance, and Review Chapter 13.

Principles of Information Systems, Sixth Edition Systems Design, Implementation, Maintenance, and Review Chapter 13.
Project proposal for ISO 20000-1:2011 implementation Subtitle or presenter.

Project proposal for ISO :2011 implementation Subtitle or presenter.
Project proposal for ITIL implementation Subtitle or presenter.

Project proposal for ITIL implementation Subtitle or presenter.
Adaptive Processes Consulting Pvt. Ltd. An ISO 9001:2000 Certified Company www.AdaptiveProcesses.com This document is the property of and proprietary to.

Adaptive Processes Consulting Pvt. Ltd. An ISO 9001:2000 Certified Company This document is the property of and proprietary to.

Similar presentations

Ads by Google