Governance Risk Compliance Using ISO 27001 ISO 20000
- Slides: 31
Governance, Risk & Compliance Using ISO 27001, ISO 20000 & ISO 22301 Sharing the Leading Best Practices in One Project
Agenda
- Introduction
- The components of Good Governance
  - ISO 27001: Protecting the Information
  - ISO 20000: Ensuring the Best IT Service Management
  - ISO 22301: Ensuring the Continuity of the Business
- Checklist
- Conclusion
GRC
Importance of GRC
- GRC projects are a must for various reasons
- GRC has crossed V1 speed
Three Important Components of IT
What is Governance?
Governance is all about:
1. Applying the Best Practices
2. Ensuring the Proper Control
3. Effective and Efficient Management
In a single sentence: it is the “Protection Umbrella”, which is the responsibility of Senior Management and the Board of Directors.
What is the Solution?
The Solution Explore Standards
Gartner Hype Cycle
Managing the Expectations
Gartner’s View
Selecting Top 3 Standards for Comprehensive Coverage
Comprehensive Governance Coverage
- Information Security: ISO 27001
- Business Continuity: ISO 22301
- (IT) Service Management System: ISO 20000
Information Security and ISO 27001 The Must have Standard.
What is ISO 27001?
- ISO 27001 is the standard for Information Security
- Two parts
  - ISO 27001: Specifications
  - ISO 27002: Code of Practice
- Uniqueness of ISO 27001
  - Standard with 114 Annex A controls
ISO 27001
ISO 27000 Series
- Anxiously waiting for…
  - 27000: Fundamentals and Vocabulary
  - 27001: ISMS auditable and certifiable requirements
  - 27002: Replaced ISO 17799
  - 27003: ISMS Implementation Guidelines
  - 27004: ISMS Measurement
  - 27005: ISMS Risk Management
  - 27006: Guide to the certification/registration process for accredited ISMS certification/registration bodies
  - 27007: Guidance for those auditing Information Security Management Systems against ISO 27001
  - 27031: Information security management guidelines for telecommunications
ISO 20000 for (IT) Service Management System
ISO 20000
ITIL V3.0
ITIL
- It is all about the ‘Service’
- IT is recognized as a ‘Service Provider’
  - To be more specific, IT is the Service Provider to its customers, the Business Users
Based on Deming Cycle
Deming Cycle
- William Edwards Deming (October 14, 1900 – December 20, 1993) was a statistician.
  - Best known for his work in Japan.
  - From 1950 onward he taught top management how to improve
    - Design (and thus service),
    - Product quality,
    - Testing and s
ISO 22301 for Business Continuity Management
Importance of BCM
What is a Disaster?
Storage Recovery Strategy
In Summary….
Fast Track Implementation
No Standardization is No Excuse
Thank You!