![[object Object],[object Object],[object Object],[object Object],[object Object],Presentation Outline](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Andere mochten auch
Andere mochten auch (20)
Ähnlich wie ADDRESSING CORPORATE CONCERNS
Ähnlich wie ADDRESSING CORPORATE CONCERNS (20)
Mehr von zohaibqadir
ADDRESSING CORPORATE CONCERNS
- 1. ADDRESSING CORPORATE CONCERNS ON INFORMATION SECURITY MANAGEMENT WITH ISO 17799/ BS 7799. Ajai K. Srivastava G.M. Marketing BSI India
- 3. 1.THE GLOBAL INFORMATION VILLAGE
- 4. The Global Information Village
- 6. THE DIGITAL NERVOUS SYSTEM DIGITAL NERVOUS SYSTEM Strategic Thinking Business Reflexes Basic Operations Customer Interaction BUSINESS @ THE SPEED OF THOUGHT
- 7. INFORMATION FLOW IS THE LIFEBLOOD OF YOUR BUSINESS
- 9. “ Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected .” ISO/IEC 17799:2000
- 10. 2.THE NEED FOR PROTECTION
- 11. INFORMATION INFORMATION Information Security TECHNOLOGY ENVIRONMENT ATTACK ATTACK ATTACK ATTACK ATTACK ATTACK
- 13. Information Security HUMAN FIREWALL HUMAN FIREWALL INFORMATION TECHNOLOGY ENVIRONMENT INFORMATION ATTACK ATTACK ATTACK ATTACK ATTACK ATTACK POLICIES PROCESSES STANDARDS TRAINING
- 14. Information Security POLICIES PROCESSES STANDARDS TRAINING HUMAN FIREWALL HUMAN FIREWALL INFORMATION TECHNOLOGY ENVIRONMENT INFORMATION ATTACK ATTACK ATTACK ATTACK ATTACK ATTACK ATTACK ATTACK ATTACK ATTACK
- 15. Information Security MANAGEMENT MANAGEMENT POLICIES PROCESSES STANDARDS TRAINING HUMAN FIREWALL HUMAN FIREWALL INFORMATION TECHNOLOGY ENVIRONMENT INFORMATION
- 16. Management System – Building Blocks Core Processes Inputs Support Processes Management Resource Outputs Total Business Management System
- 17. Business Management System Quality Environment Health and Safety Risk Information Security People Improvement
- 18. Business Management System BSI - IMS Risk BSI Risk Mgmt H & S OHSAS 18001 Improvement ISO 9004 Customers BS 8600 Info Sec BS 7799 Environment ISO 14001 Quality ISO9001:2000 QS-9000 / TS 16949 AS9000 / AS9100 TL9000
- 19. ISO 9004 Performance Improvement All Interested Parties ISO 17799 Information Security Management OHSAS 18001 Health and Safety Management ISO 14001 Environmental Management ISO 9001 Quality Management Stakeholders Involved Increasing Aspects Covered Management Systems & Standards
- 22. The Virtuous M S Spiral Commitment and Policy Planning Implementation and Operation Checking and Corrective Action Management Review Continual Improvement
- 24. The First Global Information Security Survey –KPMG 2002 Critical Security Concerns VIRUSES –22% HACKERS – 21% R.A.CONTROLS-17% INTERNET SECURITY-17% DATA PRIVACY- 10 %
- 25. What is the damage The First Global Information Security Survey – KPMG 2002 QUANTIFIABLE The average direct loss of all breaches suffered by each organization is USD$108,000. GBP 30,000 INR 500,000
- 28. 3.BS 7799 – AN OVERVIEW
- 33. BS 7799 –10 Domains of Information Management System Development Access Controls Asset Classification Controls Information Security Policy Security Organisation Personnel Security Physical Security Continuity Planning Compliance INFORMATION Staff Records Client Records Financial Records Communications Management
- 34. 4.IMPLEMENTING AN ISMS BASED ON BS 7799
- 35. BS 7799Registrations Around the Globe
- 36. BS 7799Registrations In India
- 37. Measure/Analyse Progress Building a Management System INPUT Client Business Awareness OUTPUT BSI Certification Business Improvement Develop Management System Build Process BSI Consultant Client
- 39. Risk Assessment and Risk Management Process
- 40. BS 7799 Implementation Security Organisation Classify Assets Information Security Policy Apply the Controls Operationalise Process Check Process Corrective Action Management Review Plan Act Check Do
- 43. 5.BENEFITS OF BS 7799
- 46. Further Information Email: ajai . srivastava @ bsiindia .com Tel: +11 2371 9002/3 Fax: +11 2373 9003
Hinweis der Redaktion
- Introduction slide Presentation will cover: WHY you need an Information Security System WHAT the 7799 series gives you HOW BSI can further assist you
- Introduction slide Presentation will cover: WHY you need an Information Security System WHAT the 7799 series gives you HOW BSI can further assist you
- Some of the businesses that did better in the wake of the WTC disaster, were able to re-host their business operations almost immediately using Business Continuance solutions. These solutions automatically relocated their data center operations in the minutes immediately following the loss of the data centers. This minimized the impact of the failure for businesses that had implemented these solutions, allowing them to quickly return to normal operations, and then to take the time that they needed to re-establish and recover their original data centers while the businesses continued to operate. These types of solutions can take advantage of redundant infrastructure that a business may have available, in other sites and locations or at partner sites. Many businesses had also outsourced this service from service providers that included IBM, Comdisco, and Sunguard.
- Intended for use as a reference document. Provides a comprehensive set of security controls. The best information security practices in use. It comprises of 10 control sections.
- Remember: - only first document is ISO and it is at least three years away before second document becomes ISO - 7 countries voted against ISO but majority rule carried the document through, (USA, Canada, France, Germany),
- It is necessary for the management system to be effective in the organization. If the company has taken a standard of the shelf package it is not a good start. This would be quiet easily identified by the auditor. Then is the company serious about the subject matter, or are they just paying lip service to information security.