SlideShare a Scribd company logo

Why ISO27001 For My Organisation

Vigilant Software
Vigilant Software

, hosted by Alan Calder CEO and founder of Vigilant Software and acknowledged information security risk assessment and management thought leader, explains and discusses what is information security? What is an information security management system (ISMS)? What is ISO 27001? Why should I and my organisation care about ISO 27001?

BusinessTechnology
1 of 20
Download to read offline
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Alan Calder CEO, Vigilant Software Thursday May 9th PLEASE NOTE THAT ALL DELEGATES IN THE TELECONFERENCE ARE MUTED ON JOINING. Q&A IS HANDLED THROUGH A COMBINATION OF WEBEX CHAT/TEXT AND VOICE Why ISO 27001 for my Organisation?
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Alan Calder • CEO and founder of Vigilant Software. • Acknowledged information security/risk management thought leader. • Managed the world’s first successful ISO 27001 (then BS7799) implementation project in 1996. • Frequent media commentator on risk management issues. • Co-author of vsRisk™ – the definitive cyber security risk assessment tool.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Today’s Webinar in Context • Today’s webinar is #1 in a series of 4 educational webinars. • The 4 webinars are designed to take you on a learning journey: • Webinar 1 (Today) - Why ISO 27001 for my Organisation? • Webinar 2 – The Importance of risk management. • Webinar 3 – Carrying out a risk assessment using vsRisk. • Webinar 4 – Maintaining/updating your risk assessment using vsRisk. • Registration details of these webinars at the end.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Today’s Agenda • A short 20-30 minutes educational and informative talk on: • What is information security? • What is an information security management system (ISMS)? • What is ISO 27001? • The drivers for ISO 27001. • Why should my organisation care about ISO 27001? • Accredited Certification. • The central role of risk assessment in ISO 27001. • Ample time for Q&A. • Next steps.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is information security? ‘Preservation of confidentiality, integrity and availability of information; in addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved’. ISO/IEC 27001:2005
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is an ISMS? Information Security Management System (ISMS): Systematic approach to managing confidential or sensitive corporate information so that it remains secure.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is ISO 27001? • An ISMS standard that replaced BS77799-2:2002 in late 2005. • The world’s only cyber security standard. • Formally specifies an ISMS that is intended to bring information security under explicit management control. • Best practice specification that helps businesses and organisations throughout the world develop a best-in-class ISMS. • Adopts the Plan-Do-Check-Act (PDCA) model.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Plan-Do-Check-Act
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Drivers for ISO 27001 • Clients need confidence in their supply chain. • Breaches of Personal Data can bring fines up to £500k by the Information Commissioner. • Data Handling Review 2008 – better information security in Govt and down the food chain. • Improved reputational protection. • Balance expenditure to the information security risk.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 1 - Compliance ISO 27001 can bring in the methodology that enables organisations to comply in the most efficient way. Certification is often the quickest ‘return on investment’ – if an organisation must comply to various regulations regarding data protection, privacy and IT governance (particularly if it is a financial, health or government organisation).
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 2 - Marketing edge In a market which is more and more competitive, it is sometimes very difficult to find something that will differentiate you in the eyes of your customers. ISO 27001 could be indeed a unique selling point, especially if you handle clients’ sensitive information.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 3 - Lowering the expenses Information security is usually considered as a cost with no obvious financial gain. However, there is financial gain if you lower your expenses caused by incidents. You probably do have interruption in service, or occasional data leakage, or disgruntled employees. Or disgruntled former employees.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 4 - Putting your business in order ISO 27001 is particularly good in sorting out those thorny management system issues – it forces you to define very precisely both the responsibilities and duties, and therefore strengthen your internal organisation.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Accredited Certification •Provides evidence of Information Security Management System assurance. •Verified by independent auditor. •In UK authority is UKAS Accredited Certification scheme: World wide recognition. •National certification body – member of International Accreditation Forum.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 The central role of risk assessment in ISO 27001 ISO 27001:2005 conformance requires implementation and documentation of an Information Security Management System (ISMS) implementing controls selected in accordance with 4.2..1.g, (control objectives in Annex A)
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 The central role of risk assessment in ISO 27001 •Structured ISMS gives: • Best practice. • Marketing opportunities. • Compliance to Corporate Governance requirements. • Appropriate action to comply with law. • Systematic approach to risks. • Credibility with staff, customers and partner organisations. • Informed decisions on security investments.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Next Steps – Upcoming Educational Webinars • Webinar 2 - The Importance of Risk Management - Thursday May 16th, 4pm UK Time (Next week). • Webinar 3 - Carrying out a Risk Assessment using vsRisk - Thursday May 23rd, 4pm UK Time. • Webinar 4 - Maintaining and Updating your Risk Assessment using vsRisk - Thursday May 30th, 4pm UK Time. Includes announcement of special offer for vsRisk for webinar registrants. Registration details at http://www.vigilantsoftware.co.uk/webinars.aspx
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Before the next webinars… Read a book… Read the world's first practical e-book guidance on achieving ISO 27001 certification and the nine essential steps to an effective ISMS implementation. Available for £25.95 (usually £29.95) http://www.vigilantsoftware.co.uk/pr oduct/1651.aspx Download a free trial of vsRisk The cyber security risk assessment tool compliant to ISO 27001 that automates and accelerates the risk management process. 15-day free trial at http://www.vigilantsoftware.co.uk
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Next Steps – Want to know more? If you would like to know more about ISO 27001, including how to carry out an ISO 27001-compliant risk assessment, please visit http://www.vigilantsoftware.co.uk/ or email servicecentre@vigilantsoftware.co.uk.
“The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Questions – we welcome them all! Please type your questions into the gotowebinar chat window – responses will generally be verbal and shared with all delegates.

Recommended

Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001Imran Ahmed
 
ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview Ahmed Riad .
 
ISO 27001 Benefits
ISO 27001 BenefitsISO 27001 Benefits
ISO 27001 BenefitsDejan Kosutic
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromMart Rovers
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013scttmcvy
 
Overview of ISO 27001 ISMS
Overview of ISO 27001 ISMSOverview of ISO 27001 ISMS
Overview of ISO 27001 ISMSAkhil Garg
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingOperational Excellence Consulting
 

Recommended

Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001Imran Ahmed
 
ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview Ahmed Riad .
 
ISO 27001 Benefits
ISO 27001 BenefitsISO 27001 Benefits
ISO 27001 BenefitsDejan Kosutic
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromMart Rovers
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013scttmcvy
 
Overview of ISO 27001 ISMS
Overview of ISO 27001 ISMSOverview of ISO 27001 ISMS
Overview of ISO 27001 ISMSAkhil Garg
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingOperational Excellence Consulting
 
ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesCertification Europe
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3Tanmay Shinde
 
Iso 27001 awareness
Iso 27001 awarenessIso 27001 awareness
Iso 27001 awarenessÃsħâr Ãâlâm
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 IntroductionAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness TrainingDr Madhu Aman Sharma
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewNaresh Rao
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 ismsCraig Willetts ISO Expert
 
ISO 27001 How to use the ISMS Implementation Toolkit.pdf
ISO 27001 How to use the ISMS Implementation Toolkit.pdfISO 27001 How to use the ISMS Implementation Toolkit.pdf
ISO 27001 How to use the ISMS Implementation Toolkit.pdfAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
Iso 27001 2013
Iso 27001 2013Iso 27001 2013
Iso 27001 2013Magda CHELLY, Ph.D, S-CISO, CISSP®
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxDr Madhu Aman Sharma
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part Ikhushboo
 
2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdfControlCase
 
Structure of iso 27001
Structure of iso 27001Structure of iso 27001
Structure of iso 27001CUNIX INDIA
 
ISO 27001_2022 Standard_Presentation.pdf
ISO 27001_2022 Standard_Presentation.pdfISO 27001_2022 Standard_Presentation.pdf
ISO 27001_2022 Standard_Presentation.pdfSerkanRafetHalil1
 
ISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxforam74
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentationPranay Kumar
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementationRalf Braga
 
Iso27001 The Road To Certification
Iso27001 The Road To CertificationIso27001 The Road To Certification
Iso27001 The Road To Certificationtschraider
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureUppala Anand
 

More Related Content

What's hot

ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesCertification Europe
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3Tanmay Shinde
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewNaresh Rao
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxDr Madhu Aman Sharma
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part Ikhushboo
 
2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdfControlCase
 
Structure of iso 27001
Structure of iso 27001Structure of iso 27001
Structure of iso 27001CUNIX INDIA
 
ISO 27001_2022 Standard_Presentation.pdf
ISO 27001_2022 Standard_Presentation.pdfISO 27001_2022 Standard_Presentation.pdf
ISO 27001_2022 Standard_Presentation.pdfSerkanRafetHalil1
 
ISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxforam74
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentationPranay Kumar
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementationRalf Braga
 

What's hot (20)

ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and Challenges
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3
 
Iso 27001 awareness
Iso 27001 awarenessIso 27001 awareness
Iso 27001 awareness
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness Training
 
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overview
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation Guide
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
 
ISO 27001 How to use the ISMS Implementation Toolkit.pdf
ISO 27001 How to use the ISMS Implementation Toolkit.pdfISO 27001 How to use the ISMS Implementation Toolkit.pdf
ISO 27001 How to use the ISMS Implementation Toolkit.pdf
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
 
Iso 27001 2013
Iso 27001 2013Iso 27001 2013
Iso 27001 2013
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptx
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part I
 
2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf
 
Structure of iso 27001
Structure of iso 27001Structure of iso 27001
Structure of iso 27001
 
ISO 27001_2022 Standard_Presentation.pdf
ISO 27001_2022 Standard_Presentation.pdfISO 27001_2022 Standard_Presentation.pdf
ISO 27001_2022 Standard_Presentation.pdf
 
ISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptxISO_ 27001:2022 Controls & Clauses.pptx
ISO_ 27001:2022 Controls & Clauses.pptx
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentation
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementation
 

Viewers also liked

Iso27001 The Road To Certification
Iso27001 The Road To CertificationIso27001 The Road To Certification
Iso27001 The Road To Certificationtschraider
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureUppala Anand
 
The importance of information security risk management
The importance of information security risk managementThe importance of information security risk management
The importance of information security risk managementMichael Francis
 
ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças Fernando Palma
 
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,..."I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...Anup Narayanan
 
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...PECB
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)samsontamwaiho
 
Iso27001 Audit Services
Iso27001 Audit ServicesIso27001 Audit Services
Iso27001 Audit Servicestschraider
 
Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice? Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice? Patten John
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overviewxband
 
Information Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaInformation Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaDiscover JKUAT
 
Iso27001 Risk Assessment Approach
Iso27001 Risk Assessment ApproachIso27001 Risk Assessment Approach
Iso27001 Risk Assessment Approachtschraider
 
ISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_ListISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_ListSriramITISConsultant
 
ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2Tanmay Shinde
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMSBusiness Beam
 
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay versionHazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay versionNorrazman Zaiha Zainol
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1Tanmay Shinde
 
Using vsRisk to carry out a risk assessment
Using vsRisk to carry out a risk assessmentUsing vsRisk to carry out a risk assessment
Using vsRisk to carry out a risk assessmentMichael Francis
 

Viewers also liked (20)

Iso27001 The Road To Certification
Iso27001 The Road To CertificationIso27001 The Road To Certification
Iso27001 The Road To Certification
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedure
 
The importance of information security risk management
The importance of information security risk managementThe importance of information security risk management
The importance of information security risk management
 
ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças ISO 27002 2013 Atualizações / mudanças
ISO 27002 2013 Atualizações / mudanças
 
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,..."I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
 
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
ISO 27001 control A17 (Continuity on Information Security), and ISO 22301: co...
 
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)
 
Iso27001 Audit Services
Iso27001 Audit ServicesIso27001 Audit Services
Iso27001 Audit Services
 
ISMS implementation challenges-KASYS
ISMS implementation challenges-KASYSISMS implementation challenges-KASYS
ISMS implementation challenges-KASYS
 
Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice? Why ISO-27001 is a better choice?
Why ISO-27001 is a better choice?
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overview
 
Information Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr WafulaInformation Security Management Systems(ISMS) By Dr Wafula
Information Security Management Systems(ISMS) By Dr Wafula
 
Iso27001 Risk Assessment Approach
Iso27001 Risk Assessment ApproachIso27001 Risk Assessment Approach
Iso27001 Risk Assessment Approach
 
ISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_ListISO 27001 Implementation_Documentation_Mandatory_List
ISO 27001 Implementation_Documentation_Mandatory_List
 
ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
 
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay versionHazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
Hazard Identification, Risk Assessment and Risk Control (HIRARC) Malay version
 
risk assessment
risk assessment risk assessment
risk assessment
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
 
Using vsRisk to carry out a risk assessment
Using vsRisk to carry out a risk assessmentUsing vsRisk to carry out a risk assessment
Using vsRisk to carry out a risk assessment
 

Similar to Why ISO27001 For My Organisation

Why ISO27001/ISO27005 for my organisation
Why ISO27001/ISO27005 for my organisationWhy ISO27001/ISO27005 for my organisation
Why ISO27001/ISO27005 for my organisationMichael Francis
 
Maintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskMaintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskMichael Francis
 
The Importance of Risk Management
The Importance of Risk ManagementThe Importance of Risk Management
The Importance of Risk ManagementVigilant Software
 
Maintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskMaintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskVigilant Software
 
vsRisk - features and benefits.ppt
vsRisk - features and benefits.pptvsRisk - features and benefits.ppt
vsRisk - features and benefits.pptscribdJobAN
 
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...Tromenz Learning
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NA Putra
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA
 
iso 27001 certification
iso 27001 certificationiso 27001 certification
iso 27001 certificationdenieljulian79
 
Cyber Security and Cloud Security
Cyber Security and Cloud SecurityCyber Security and Cloud Security
Cyber Security and Cloud SecurityIT Governance Ltd
 
ISO 27001 Certification What It Is And Why You Need It.pdf
ISO 27001 Certification What It Is And Why You Need It.pdfISO 27001 Certification What It Is And Why You Need It.pdf
ISO 27001 Certification What It Is And Why You Need It.pdfOFFICE
 
Iso 27001 certification in oman
Iso 27001 certification in omanIso 27001 certification in oman
Iso 27001 certification in omanKumudaFactocert
 
Ants and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul RainAnts and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul RainPriyanka Aash
 
Iso 27001 certification in oman
Iso 27001 certification in omanIso 27001 certification in oman
Iso 27001 certification in omanKumudaFactocert
 
ISO 27001 certification cost in Bangalore.ppt
ISO 27001 certification cost in Bangalore.pptISO 27001 certification cost in Bangalore.ppt
ISO 27001 certification cost in Bangalore.pptHardinScott8
 
ISO 27001 Certification in indiamain .ppt
ISO 27001 Certification in indiamain .pptISO 27001 Certification in indiamain .ppt
ISO 27001 Certification in indiamain .pptHardinScott8
 
How to get iso 27001 certification in uganda
How to get iso 27001 certification in ugandaHow to get iso 27001 certification in uganda
How to get iso 27001 certification in ugandaAnoosha Factocert
 

Similar to Why ISO27001 For My Organisation (20)

Why ISO27001/ISO27005 for my organisation
Why ISO27001/ISO27005 for my organisationWhy ISO27001/ISO27005 for my organisation
Why ISO27001/ISO27005 for my organisation
 
Maintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskMaintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRisk
 
The Importance of Risk Management
The Importance of Risk ManagementThe Importance of Risk Management
The Importance of Risk Management
 
Maintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRiskMaintaining and updating your risk assessment using vsRisk
Maintaining and updating your risk assessment using vsRisk
 
Cyber Security Management
Cyber Security ManagementCyber Security Management
Cyber Security Management
 
vsRisk - features and benefits.ppt
vsRisk - features and benefits.pptvsRisk - features and benefits.ppt
vsRisk - features and benefits.ppt
 
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
A Comprehensive Guide To Information Security Excellence ISO 27001 Certificat...
 
Iso 27001 isms - white paper
Iso 27001 isms - white paperIso 27001 isms - white paper
Iso 27001 isms - white paper
 
Iso 27001 isms
Iso 27001 ismsIso 27001 isms
Iso 27001 isms
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001
 
NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001NQA Your Complete Guide to ISO 27001
NQA Your Complete Guide to ISO 27001
 
iso 27001 certification
iso 27001 certificationiso 27001 certification
iso 27001 certification
 
Cyber Security and Cloud Security
Cyber Security and Cloud SecurityCyber Security and Cloud Security
Cyber Security and Cloud Security
 
ISO 27001 Certification What It Is And Why You Need It.pdf
ISO 27001 Certification What It Is And Why You Need It.pdfISO 27001 Certification What It Is And Why You Need It.pdf
ISO 27001 Certification What It Is And Why You Need It.pdf
 
Iso 27001 certification in oman
Iso 27001 certification in omanIso 27001 certification in oman
Iso 27001 certification in oman
 
Ants and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul RainAnts and Elephants in the CISO's Office by Paul Rain
Ants and Elephants in the CISO's Office by Paul Rain
 
Iso 27001 certification in oman
Iso 27001 certification in omanIso 27001 certification in oman
Iso 27001 certification in oman
 
ISO 27001 certification cost in Bangalore.ppt
ISO 27001 certification cost in Bangalore.pptISO 27001 certification cost in Bangalore.ppt
ISO 27001 certification cost in Bangalore.ppt
 
ISO 27001 Certification in indiamain .ppt
ISO 27001 Certification in indiamain .pptISO 27001 Certification in indiamain .ppt
ISO 27001 Certification in indiamain .ppt
 
How to get iso 27001 certification in uganda
How to get iso 27001 certification in ugandaHow to get iso 27001 certification in uganda
How to get iso 27001 certification in uganda
 

Recently uploaded

HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsMichael W. Hawkins
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...amitlee9823
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Roland Driesen
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRavindra Nath Shukla
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒anilsa9823
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxpriyanshujha201
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...rajveerescorts2022
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfAmzadHosen3
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Lviv Startup Club
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxAndy Lambert
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLSeo
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...lizamodels9
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 

Recently uploaded (20)

HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael Hawkins
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdf
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 

Why ISO27001 For My Organisation

  • 1. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Alan Calder CEO, Vigilant Software Thursday May 9th PLEASE NOTE THAT ALL DELEGATES IN THE TELECONFERENCE ARE MUTED ON JOINING. Q&A IS HANDLED THROUGH A COMBINATION OF WEBEX CHAT/TEXT AND VOICE Why ISO 27001 for my Organisation?
  • 2. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Alan Calder • CEO and founder of Vigilant Software. • Acknowledged information security/risk management thought leader. • Managed the world’s first successful ISO 27001 (then BS7799) implementation project in 1996. • Frequent media commentator on risk management issues. • Co-author of vsRisk™ – the definitive cyber security risk assessment tool.
  • 3. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Today’s Webinar in Context • Today’s webinar is #1 in a series of 4 educational webinars. • The 4 webinars are designed to take you on a learning journey: • Webinar 1 (Today) - Why ISO 27001 for my Organisation? • Webinar 2 – The Importance of risk management. • Webinar 3 – Carrying out a risk assessment using vsRisk. • Webinar 4 – Maintaining/updating your risk assessment using vsRisk. • Registration details of these webinars at the end.
  • 4. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Today’s Agenda • A short 20-30 minutes educational and informative talk on: • What is information security? • What is an information security management system (ISMS)? • What is ISO 27001? • The drivers for ISO 27001. • Why should my organisation care about ISO 27001? • Accredited Certification. • The central role of risk assessment in ISO 27001. • Ample time for Q&A. • Next steps.
  • 5. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is information security? ‘Preservation of confidentiality, integrity and availability of information; in addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved’. ISO/IEC 27001:2005
  • 6. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is an ISMS? Information Security Management System (ISMS): Systematic approach to managing confidential or sensitive corporate information so that it remains secure.
  • 7. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 What is ISO 27001? • An ISMS standard that replaced BS77799-2:2002 in late 2005. • The world’s only cyber security standard. • Formally specifies an ISMS that is intended to bring information security under explicit management control. • Best practice specification that helps businesses and organisations throughout the world develop a best-in-class ISMS. • Adopts the Plan-Do-Check-Act (PDCA) model.
  • 8. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Plan-Do-Check-Act
  • 9. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Drivers for ISO 27001 • Clients need confidence in their supply chain. • Breaches of Personal Data can bring fines up to £500k by the Information Commissioner. • Data Handling Review 2008 – better information security in Govt and down the food chain. • Improved reputational protection. • Balance expenditure to the information security risk.
  • 10. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 1 - Compliance ISO 27001 can bring in the methodology that enables organisations to comply in the most efficient way. Certification is often the quickest ‘return on investment’ – if an organisation must comply to various regulations regarding data protection, privacy and IT governance (particularly if it is a financial, health or government organisation).
  • 11. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 2 - Marketing edge In a market which is more and more competitive, it is sometimes very difficult to find something that will differentiate you in the eyes of your customers. ISO 27001 could be indeed a unique selling point, especially if you handle clients’ sensitive information.
  • 12. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 3 - Lowering the expenses Information security is usually considered as a cost with no obvious financial gain. However, there is financial gain if you lower your expenses caused by incidents. You probably do have interruption in service, or occasional data leakage, or disgruntled employees. Or disgruntled former employees.
  • 13. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Why should my organisation care about ISO 27001? Reason 4 - Putting your business in order ISO 27001 is particularly good in sorting out those thorny management system issues – it forces you to define very precisely both the responsibilities and duties, and therefore strengthen your internal organisation.
  • 14. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Accredited Certification •Provides evidence of Information Security Management System assurance. •Verified by independent auditor. •In UK authority is UKAS Accredited Certification scheme: World wide recognition. •National certification body – member of International Accreditation Forum.
  • 15. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 The central role of risk assessment in ISO 27001 ISO 27001:2005 conformance requires implementation and documentation of an Information Security Management System (ISMS) implementing controls selected in accordance with 4.2..1.g, (control objectives in Annex A)
  • 16. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 The central role of risk assessment in ISO 27001 •Structured ISMS gives: • Best practice. • Marketing opportunities. • Compliance to Corporate Governance requirements. • Appropriate action to comply with law. • Systematic approach to risks. • Credibility with staff, customers and partner organisations. • Informed decisions on security investments.
  • 17. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Next Steps – Upcoming Educational Webinars • Webinar 2 - The Importance of Risk Management - Thursday May 16th, 4pm UK Time (Next week). • Webinar 3 - Carrying out a Risk Assessment using vsRisk - Thursday May 23rd, 4pm UK Time. • Webinar 4 - Maintaining and Updating your Risk Assessment using vsRisk - Thursday May 30th, 4pm UK Time. Includes announcement of special offer for vsRisk for webinar registrants. Registration details at http://www.vigilantsoftware.co.uk/webinars.aspx
  • 18. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Before the next webinars… Read a book… Read the world's first practical e-book guidance on achieving ISO 27001 certification and the nine essential steps to an effective ISMS implementation. Available for £25.95 (usually £29.95) http://www.vigilantsoftware.co.uk/pr oduct/1651.aspx Download a free trial of vsRisk The cyber security risk assessment tool compliant to ISO 27001 that automates and accelerates the risk management process. 15-day free trial at http://www.vigilantsoftware.co.uk
  • 19. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Next Steps – Want to know more? If you would like to know more about ISO 27001, including how to carry out an ISO 27001-compliant risk assessment, please visit http://www.vigilantsoftware.co.uk/ or email servicecentre@vigilantsoftware.co.uk.
  • 20. “The definitive risk assessment tool for ISO27001 certification” Copyright © Vigilant Software Ltd 2013 Questions – we welcome them all! Please type your questions into the gotowebinar chat window – responses will generally be verbal and shared with all delegates.