www.verde.co.in
Transition from ISO/IEC 27001:2005 to ISO/IEC 27001:2013
Transition Guide
Inspiring Excellence
About the e-book
This e-book has been prepared to show the changes introduced in the ISMS standard ISO 27001:2013 with respect to ISO 27001:2005.
In ISO 27001:2013, a few controls have been removed because of ambiguity and duplication with other controls. A few controls have been newly added, and some existing controls have been separated out into their own domains. ISO 27001:2005 had 133 controls in 11 domains; the revised ISO 27001:2013 has 114 controls in 14 domains.
ISO 27001:2005 to ISO 27001:2013: plan your transition today

New ISO 27001:2013: WHAT HAS CHANGED?
Comparison

                                    ISO 27001:2005   ISO 27001:2013
Number of sections in Annexure A          11               14
Number of controls in Annexure A         133              114
Requirements (Information Security Management System)

New Requirements
• Risk Owners (6.1.2c)
• Interested Parties (4.2)

Old Requirements
• Preventive Action
• Document Control
• Annex B
• Annex C
Degree of Change

MAJOR
• Interested Parties
• Objectives, Monitoring & Measurement
• Risk Assessment and Treatment

MODERATE
• ISMS Scope
• Information Security Policy
• Communication
• Document Management
• Annex A Controls

SMALL
• Leadership and Commitment
• Statement of Applicability
• Human Resource Management
• Internal Audit
• Management Review
• Corrective Action

New Security Controls
• A.6.1.5 Information security in project management
• A.14.2.1 Secure development policy
• A.14.2.5 Secure system engineering principles
• A.14.2.6 Secure development environment
• A.14.2.8 System security testing
• A.16.1.4 Assessment of and decision on information security events
• A.17.2.1 Availability of information processing facilities
WHY THE CHANGE?

The transition to ISO 27001:2013 is in accordance with Annex SL. Annex SL defines the framework for a generic management system. All new ISO management system standards (e.g. ISO 22301) adhere to this framework, and all current management system standards will migrate to it at their next revision (e.g. ISO 9001 and ISO 14001 in 2015).
Another reason for the change is to remove ambiguity between standards. It gives all the standards the same 'look and feel' (with the exception of Section 8, Operation, which remains product specific).
This should ensure consistency and compatibility, especially for clients with more than one management system. A major benefit is that less time may be required during certification for organizations with multiple, fully integrated management systems.
Change in the clauses

ISO 27001:2005 Mandatory Clauses
Clauses 0-3 provide background and definitions
Clauses 4-8 provide mandatory requirements
• Clause 4: Information security management system
• Clause 5: Management responsibility
• Clause 6: Internal ISMS audit
• Clause 7: Management review
• Clause 8: ISMS improvement

ISO 27001:2013 Mandatory Clauses
Clauses 0-3 provide background and definitions
Clauses 4-10 provide mandatory requirements
• Clause 4: Context of the organization
• Clause 5: Leadership
• Clause 6: Planning
• Clause 7: Support
• Clause 8: Operation
• Clause 9: Performance evaluation
• Clause 10: ISMS improvement
Mapping the clauses

ISO 27001:2013                 ISO 27001:2005
1  Scope of the standard       1 Scope of the standard
2  Normative references        2 Normative references
3  Terms and definitions       3 Terms and definitions
4  Context of organization     4.2.1.a Define the scope & boundaries
5  Leadership                  5.1 Management Commitment
6  Planning                    4.2.1.b Objectives; 4.2.1.c Risk Assessment
7  Support                     5.2 Resource Management; 4.3 Documentation Requirements
8  Operation                   4.2.2 Implement and operate the ISMS; 4.2.3 Monitor and Review the ISMS
9  Performance evaluation      6 Internal Audits; 7 Management Review
10 Improvement                 8 ISMS Improvement
Steps for Transition
• Make a proper transition plan
• Do a gap analysis
• Document all interested parties (internal and external)
• Revisit your scope statement
• Align business and security objectives
• Review the information security policy; add roles and responsibilities
• Review the risk management procedure; identify risk owners
• Revisit the risk assessment and get approval of the treatment from the risk owners
• Revisit your Statement of Applicability (SoA)
• Review required documentation: new documents may be required, and old documents can be retired
• Revisit your metrics and measures

For organizations currently certified to the 2005 version, you have time till September 2015 to transition to the new standard ISO 27001:2013.

Need help? EMAIL US: connect@verde.co.in
• Comply with business, legal, contractual and regulatory requirements
• Adopt a risk-based approach that informs senior-level decision-making
• Win new business opportunities / retain your existing customer base
• Avoid large financial penalties, both regulatory fines and contractual
• Safeguard your own / your client's valuable intellectual property rights
• Build trust and confidence that encourages your business partners and customers to entrust confidential data to the company
• Support a continuous process of improvement throughout the organisation
Do you need help in transition to the new ISO 27001:2013 standard?
Call: +91 98311 45556

Need Training?
• Awareness course on ISMS
• Foundation course on ISMS
• Internal Auditor course on ISMS
• Transition course for ISO 27001:2013

Do you want to arrange a customized training for your organization?
Call: +91 98311 45556
Email: connect@verde.co.in
This is a knowledge initiative

One place for all your solutions
• Do you need help in transition to the new ISO 27001:2013 standard?
• Do you need help in fresh certification to the new ISO 27001:2013 standard?
• Do you want to arrange a customized training for your organization?
Call us: +91 98311 45556 | Email us: connect@verde.co.in
What Verde does
Verde is an international advisory firm involved in the field of Responsible Business, Business Excellence and Risk Management.

1. Assessment: Identifying the gaps in a system against standard(s) and requirements, to meet compliance and facilitate improvement.
2. Consulting: Supporting and handholding organisations to solve their problems and to close the gaps identified during the assessment or any other audit.
3. Training: Empowering people to perform their duties effectively and efficiently.
4. Assurance & Certification: Ensuring that a process, product, or service meets relevant technical standards and fulfils relevant requirements.

Verde services in Information Communication Technology
• Business Impact Assessment
• Information Security Management System
• Business Continuity Management
• Data Centre Conformity Assessment
• IT Service Management
• Vulnerability and Penetration Testing (VAPT)

Other practice areas
• Safety, Health & Environment
• People Excellence
• Food Safety
• Social Compliance
• Quality & Business Excellence
• Information Security
• Sustainability
• Risk Management

 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 

ISO 27001:2013 - A transition guide

  • 6. WHY THE CHANGE? ISO 27001:2013
    The transition to ISO 27001:2013 is in accordance with Annex SL. Annex SL defines the framework for a generic management system. All new ISO management system standards (e.g. ISO 22301) adhere to this framework, and all current management system standards will migrate to it at their next revision (e.g. ISO 9001 & ISO 14001 in 2015). Another reason for the change is to remove the ambiguity between standards. It will give all the standards the same 'look and feel' (with the exception of Section 8 Operations, which remains product specific). This should ensure consistency and compatibility, especially for clients with more than one management system. A major benefit is that less time may be required during certification for organizations whose multiple management systems are fully integrated.
  • 7. Change in the clauses
    ISO 27001:2005 mandatory clauses
      Clauses 0-3 provide background and definitions
      Clauses 4-8 provide mandatory requirements:
        Clause 4: Information security management system
        Clause 5: Management responsibility
        Clause 6: Internal ISMS audit
        Clause 7: Management review
        Clause 8: ISMS improvement
    ISO 27001:2013 mandatory clauses
      Clauses 0-3 provide background and definitions
      Clauses 4-10 provide mandatory requirements:
        Clause 4: Context of the organization
        Clause 5: Leadership
        Clause 6: Planning
        Clause 7: Support
        Clause 8: Operation
        Clause 9: Performance evaluation
        Clause 10: ISMS improvement
  • 8. Mapping the clauses (ISO 27001:2013 clause  <-  corresponding ISO 27001:2005 clause)
    1 Scope of the standard    <-  1 Scope of the standard
    2 Normative references     <-  2 Normative references
    3 Terms and definitions    <-  3 Terms and definitions
    4 Context of organization  <-  4.2.1.a Define the scope & boundaries
    5 Leadership               <-  5.1 Management commitment
    6 Planning                 <-  4.2.1.b Objectives; 4.2.1.c Risk assessment
    7 Support                  <-  5.2 Resource management; 4.3 Documentation requirements
    8 Operation                <-  4.2.2 Implement and operate the ISMS; 4.2.3 Monitor and review the ISMS
    9 Performance evaluation   <-  6 Internal audits; 7 Management review
    10 Improvement             <-  8 ISMS improvement
  • 9. Steps for transition
    - Make a proper transition plan
    - Do a gap analysis
    - Document all interested parties (internal & external)
    - Revisit your scope statement
    - Align business and security objectives
    - Review the information security policy; add roles and responsibilities
    - Review the risk management procedure; identify risk owners
    - Revisit the risk assessment and get approval of treatment from the risk owners
    - Revisit your Statement of Applicability (SoA)
    - Review required documentation: new documents may be required, old documents can be retired
    - Revisit your metrics and measures
    Organizations currently certified to the 2005 version have until September 2015 to transition to the new standard ISO 27001:2013.
    Need help? EMAIL US: connect@verde.co.in
  • 10. Benefits of ISO 27001
    - Comply with business, legal, contractual and regulatory requirements
    - Adopt a risk-based approach that informs senior-level decision-making
    - Win new business opportunities / retain your existing customer base
    - Avoid large financial penalties, both regulatory fines and contractual
    - Safeguard your own / your client's valuable intellectual property rights
    - Build trust & confidence that encourages your business partners & customers to entrust confidential data to the company
    - Support a continuous process of improvement throughout the organisation
    Do you need help in transition to the new ISO 27001:2013 standard? Call: +91 98311 45556
  • 11. Need training?
    - Awareness course on ISMS
    - Foundation course on ISMS
    - Internal Auditor course on ISMS
    - Transition course for ISO 27001:2013
    Do you want to arrange a customized training for your organization? Call: +91 98311 45556 Email: connect@verde.co.in
  • 12. This is a knowledge initiative
    Do you need help in transition to the new ISO 27001:2013 standard?
    Do you need help in fresh certification to the new ISO 27001:2013 standard?
    Do you want to arrange a customized training for your organization?
    One place for all your solutions. Call us: +91 98311 45556 | Email us: connect@verde.co.in
  • 13. What does Verde do?
    Verde is an international advisory firm involved in the field of Responsible Business, Business Excellence and Risk Management.
    1 Assessment: Identifying the gaps in a system against standard(s) and requirements, to meet compliance and facilitate improvement.
    2 Consulting: Supporting & handholding organisations to solve their problems and to close the gaps identified during the assessment or any other audit.
    3 Training: Empowering people to perform their duties effectively and efficiently.
    4 Assurance & Certification: Ensuring that a process, product, or service meets relevant technical standards and fulfils relevant requirements.
    Verde services in Information Communication Technology
    - Business Impact Assessment
    - Information Security Management System
    - Business Continuity Management
    - Data Centre Conformity Assessment
    - IT Service Management
    - Vulnerability and Penetration Testing (VAPT)
    Practice areas: Safety, Health & Environment; People Excellence; Food Safety; Social Compliance; Quality & Business Excellence; Information Security; Sustainability; Risk Management