Presentation is loading. Please wait.

Presentation is loading. Please wait.

ISMS Implementation Workshop Adaptive Processes Consulting Pvt. Ltd.

Published byOliver Flowers Modified over 8 years ago

Similar presentations

Presentation on theme: "ISMS Implementation Workshop Adaptive Processes Consulting Pvt. Ltd."— Presentation transcript:

1 ISMS Implementation Workshop Adaptive Processes Consulting Pvt. Ltd.

2 © Adaptive Processes ConsultingExperience World Class Processes! Contents Planning Gap Analysis and System Definition Risk Assessment and Business Continuity Planning Implementation Internal Audits Stage 1 Audit Preparations for Stage 2 Audit Certification Audit

3 © Adaptive Processes ConsultingExperience World Class Processes! Benefits of ISMS Implementation Provides confidence to Clients on the organization’s ability to maintain information security Helps in being prepared for disasters Secures companies information assets Reduced insurance costs Better management of incidents Better legal compliance Safer work place Aware workforce Provides for a market differentiator

4 © Adaptive Processes ConsultingExperience World Class Processes! ISMS Implementation Road Map Obtain Commitment Analyze Technical Infrastructure Analyze Gaps Plan Tech Infrastructure Update Processes Initial Trainings Role Based Trainings Implementations Review Improvements Plan for Implementation Planning, Review and Communication AnalyzeImplementAuditImplementStage 1Implement SponsorStage 2

5 Planning Phase

6 © Adaptive Processes ConsultingExperience World Class Processes! ISMS PDCA Cycle Interested Parties Information Security Requirements And Expectations Establish the ISMS Implement and operate the ISMS Monitor and review the ISMS Maintain and improve the ISMS Plan DoAct Check Development, Maintenance & Improvement Cycle Interested Parties Managed Information Security Plan: Establish security policy, objectives, targets, processes and procedures relevant to managing risk, and improving information security to deliver results in accordance with an organization’s overall policies and objectives Do: Implement and operate the security policy, controls, processes and procedures Check: Asses and, where applicable, measure process performance against security policy, objectives and practical experience and report the results to management for review Act: Take corrective and preventative actions, based on the results of the management review, to achieve continual improvement of the ISMS

7 © Adaptive Processes ConsultingExperience World Class Processes!© Adaptive Processes ConsultingExperience World Class Processes! Initiation and Planning Kick-off meeting Project Plan Finalization Formation of Steering Committee Formation of Security Forum Finalization of External Audit Agency Finalization of VAPT agency Finalize documentation standard Establish ISMS Policy and Objectives Prepare Statement of Applicability Key person orientation training Define Risk Assessment Approach

8 © Adaptive Processes ConsultingExperience World Class Processes! Challenges of Planning Phase Making Information Security an IT Group initiative – A sure recipe for disaster Slow Decision Making Process Underestimation of the effort needed “Not Invented Here” Syndrome Big Bang Approach Inadequate effort planned for internal communication No governance mechanism to involve Senior / Delivery Management

9 © Adaptive Processes ConsultingExperience World Class Processes! 3 Key Elements of Successful Change Management 1 st : Communicate 2 nd : Communicate 3 rd : Communicate

10 © Adaptive Processes ConsultingExperience World Class Processes! Key Aspects to be Communicated How Information Security is critical to business survival and success How Information Security is every one’s responsibility Individual’s role and responsibility towards Information Security Develop a detailed plan and action item tracker Consider this as a project and follow good project management practices

11 © Adaptive Processes ConsultingExperience World Class Processes! Best Practices for Planning Phase Involve all functions in the organization Be creative in Business Continuity Planning Have adequate resources Pilot in one unit Develop Governance Mechanism Consider automation for ISMS

12 Gap Analysis and ISMS System Definition Phase

13 © Adaptive Processes ConsultingExperience World Class Processes! Gap Analysis Phase Conduct gap analysis wrt existing policies and procedures Develop and review ISMS policies Risk Identification and Treatment Initiate Business Continuity Plan Conduct VAPT Develop and review ISMS Processes Develop Awareness Training Material Conduct Awareness Trainings Finalize dates for Document Review and Certification Audit

Download ppt "ISMS Implementation Workshop Adaptive Processes Consulting Pvt. Ltd."

Similar presentations

ISMS implementation and certification process overview

ISMS implementation and certification process overview
Role of Senior Management

Role of Senior Management
Dr Lami Kaya LamiKaya@gmail.com ISO 27001 Information Security Management System (ISMS) Certification Overview Dr Lami Kaya LamiKaya@gmail.com.

Dr Lami Kaya ISO Information Security Management System (ISMS) Certification Overview Dr Lami Kaya
Elective module 3 Geospatial environmental management

Elective module 3 Geospatial environmental management
Program Management Office (PMO) Design

Program Management Office (PMO) Design
Environmental Management Systems Refresher

Environmental Management Systems Refresher
Developing a Risk-Based Information Security Program

Developing a Risk-Based Information Security Program
Develop an Information Strategy Plan

Develop an Information Strategy Plan
Environmental Management System Implementation

Environmental Management System Implementation
[Organisation’s Title] Environmental Management System

[Organisation’s Title] Environmental Management System
Massachusetts Digital Government Summit October 19, 2009 IT Management Frameworks An Overview of ISO 27001:2005.

Massachusetts Digital Government Summit October 19, 2009 IT Management Frameworks An Overview of ISO 27001:2005.
Environmental Management System (EMS)

Environmental Management System (EMS)
Chapter 7: Key Process Areas for Level 2: Repeatable - Arvind Kabir Yateesh.

Chapter 7: Key Process Areas for Level 2: Repeatable - Arvind Kabir Yateesh.
RMS – a collaborative approach Presentation Lyn Dare & Stephen Larmour Authorisation & Audit Comcare.

RMS – a collaborative approach Presentation Lyn Dare & Stephen Larmour Authorisation & Audit Comcare.
ISO 9001 : 2000.

ISO 9001 : 2000.
GReening business through the Enterprise Europe Network EN 16001 Giovanni FRANCO European Commission Enterprise and Industry EN 16001.

GReening business through the Enterprise Europe Network EN Giovanni FRANCO European Commission Enterprise and Industry EN
Dr. Julian Lo Consulting Director ITIL v3 Expert

Dr. Julian Lo Consulting Director ITIL v3 Expert
Contractor Management and ISO 14001:2004

Contractor Management and ISO 14001:2004
ISO General Awareness Training

ISO General Awareness Training
Environmental Management Systems Refresher

Environmental Management Systems Refresher

Similar presentations

Ads by Google