Presentation is loading. Please wait.

Presentation is loading. Please wait.

Governance, Risk & Compliance Using ISO 27001, ISO & ISO 22301

Published byCarmen Salazar Reyes Modified over 6 years ago

Similar presentations

Presentation on theme: "Governance, Risk & Compliance Using ISO 27001, ISO & ISO 22301"— Presentation transcript:

1 Governance, Risk & Compliance Using ISO 27001, ISO 20000 & ISO 22301
Sharing the Leading Best Practices in One Project

2 Agenda Introduction The components of the Good Governance Checklist
ISO Protecting the Information ISO 20,000 – Ensuring the Best IT Service Management ISO – Ensuring the Continuity of the Business Checklist Conclusion

3 GRC

4 Importance of GRC GRC Projects are must for various reasons
GRC has Crossed V1 Speed.

5 Three Important Components of IT

6 What is Governance? Governance is all about:
Applying the Best Practices Ensuring the Proper Control Effective and Efficient Management In a Single Sentence…. It is the “Protection Umbrella”, which is the Responsibility of Senior Management and Board of Directors.

7 What is the Solution?

8 The Solution Explore Standards

9 Gartner Hype Cycle

10 Managing the Expectations

11 Gartner’s View

12 Selecting Top 3 Standards for Comprehensive Coverage

13 Comprehensive Governance Coverage
Information Security ISO 27001 (IT) Service Management System ISO 20,000 Business Continuity ISO 22301

14 Information Security and ISO 27001
The Must have Standard.

15 What is ISO 27001? ISO 27001 is the Standard of Information Security
Two Parts ISO 27001: Specifications ISO 27002: Code of Practices Uniqueness of ISO 27001 Standard 114 Annex A Controls

16 ISO 27001

17 ISO 27000 Series.. Anxiously Waiting for…
27000: Fundamentals and Vocabulary 27001: ISMS Auditable and certifiable requirements 27002: Replaced ISO 17799 27003: ISMS Implementation Guidelines 27004: ISMS Measurement 27005: ISMS Risk Management 27006: Guide to the certification/registration process for accredited ISMS certification/registration bodies 27007: Guidance for those auditing Information Security Management Systems against ISO 27001 27031: Information security management guidelines for telecommunications

18 ISO 20,000 for (IT) Service Management System

19 ISO 20000

20 ITIL V3.0

21 ITIL It is all about the ‘Service’
IT is recognized as ‘Service Provider’ To be more specific IT is Service Provider to it’s customer Business Users

22 Based on Deming Cycle

23 Deming Cycle William Edwards Deming
(October 14, 1900 – December 20, 1993) was Statistician. Best known for his work in Japan. From 1950 onward he taught top management how to improve Design (and thus service), Product quality, Testing and s

24 ISO 22301 for Business Continuity Management

25 Importance of BCM

26 What is a Disaster?

27 Storage Recovery Strategy

28 In Summary….

29 Fast Track Implementation

30 No Standardization is No Excuse

31 Thank You!

Download ppt "Governance, Risk & Compliance Using ISO 27001, ISO & ISO 22301"

Similar presentations

Agenda What is Compliance? Risk and Compliance Management

Agenda What is Compliance? Risk and Compliance Management
Developing a Risk-Based Information Security Program

Developing a Risk-Based Information Security Program
Www.isaca-malta.org Roger Southgate Past President of ISACA London Chapter Member of the BSI Committees for Service Management and IT Governance Leader.

Roger Southgate Past President of ISACA London Chapter Member of the BSI Committees for Service Management and IT Governance Leader.
Security Controls – What Works

Security Controls – What Works
ISO/IEC 27001 Winnie Chan BADM 559 Professor Shaw 12/15/2008.

ISO/IEC Winnie Chan BADM 559 Professor Shaw 12/15/2008.
Educore Training & Consultancy. www.educore.com.tr About Us Who we are ? Educore providing services, software based solutions and products for management,

Educore Training & Consultancy. About Us Who we are ? Educore providing services, software based solutions and products for management,
1 Copyright © 2010 M. E. Kabay. All rights reserved. Security Audits, Standards, & Inspections CSH5 Chapter 54 “Security Audits, Standards and Inspections”

1 Copyright © 2010 M. E. Kabay. All rights reserved. Security Audits, Standards, & Inspections CSH5 Chapter 54 “Security Audits, Standards and Inspections”
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.

Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.
Brian Markham Director, DIT Compliance and Risk Services May 1, 2014

Brian Markham Director, DIT Compliance and Risk Services May 1, 2014
1Product certification CASCO Comms/061 2004-12-07 www.iso.org International Organization for Standardization.

1Product certification CASCO Comms/ International Organization for Standardization.
Roadmap to ISO Accreditation

Roadmap to ISO Accreditation
ITIL as a Standard for Service Process Management Tavipark Sreesurichan.

ITIL as a Standard for Service Process Management Tavipark Sreesurichan.
SecureAware Building an Information Security Management System.

SecureAware Building an Information Security Management System.
Evolving IT Framework Standards (Compliance and IT)

Evolving IT Framework Standards (Compliance and IT)
ISA 562 Internet Security Theory & Practice

ISA 562 Internet Security Theory & Practice
Lec#3 Project Quality Management Ghazala Amin. 2 Quality Specialist-Job responsibility Responsibilities Reports monitoring and measurement of processes.

Lec#3 Project Quality Management Ghazala Amin. 2 Quality Specialist-Job responsibility Responsibilities Reports monitoring and measurement of processes.
Introduction to ISO 9000 Standards 2/24Introduction to ISO 9000 and the management system concept A few words about ISO Refer to “ISO” not I-S-O Because.

Introduction to ISO 9000 Standards 2/24Introduction to ISO 9000 and the management system concept A few words about ISO Refer to “ISO” not I-S-O Because.
Bring Your Business into the 21 st Century : Part 1 WasteExpo 2011 Improving Your Financial Management System.

Bring Your Business into the 21 st Century : Part 1 WasteExpo 2011 Improving Your Financial Management System.
GRC - Governance, Risk MANAGEMENT, and Compliance

GRC - Governance, Risk MANAGEMENT, and Compliance

Similar presentations

Ads by Google