Published by Jaiden Rippon. Modified over 10 years ago.
PhoenixPro Procurement. technology. contracts. projects.
Roadmap to ISO27001 Certification
ISMS Foundation: Initial Interviews; Define ISMS Scope & Objectives; Define ISMS Policy Statement; Management Sign-off
Planning & Risk Analysis: Asset Register; Threat & Vulnerability Analysis; Business Impact Analysis; Risk Assessment; Risk Treatment Plan; Statement of Applicability; Gap Analysis; Management Approval
Implementation Planning & Execution: Implementation Plan; Process Controls; Security Solutions; Vulnerability Management and Attack & Penetration; Awareness & User Training; Evidence Gathering
Review & Evaluation: Internal Audit; Control Effectiveness Review; Pre Audit
Readiness for Certification Audit: Internal "Mock" Review; Management Review; Pre Audit Preparations
ISMS Quality Assurance
Practical Tips & Hints
Why do it? Is it worth it?
How technical is the external certification audit?
Is it “all or nothing”?
I am compliant, how do I justify certification?
Why not do it on our own?
Type of resources needed?
Key Areas to Watch
ISO27001 is not shelf ware
Policies means €€€€s!!!
All “Assessments” need to be fair
DR / BCP a particular challenge
Outsourcing is allowed WITH SLAs
Georgios A. Korellis, PhoenixPro