Scribd Logo
Upload

Welcome to Scribd!

  • L - ISO27k ISMS Implementation and Certification Process

    Uploaded by

    velibor27
    53 views1 page
    The document outlines the steps in the ISO 27002 standard for implementing an Information Security Management System (ISMS). The steps include: 1) Getting management support; 2) Defining the ISMS scope; 3) Conducting an inventory of information assets and risks; 4) Preparing a Statement of Applicability and Risk Treatment Plan; 5) Developing an implementation program; 6) Implementing the ISMS; 7) Maintaining the ISMS; and 8) Seeking ISO 27001 certification through an audit process.

    Original Description:

    Original Title

    L - ISO27k ISMS implementation and certification process.docx

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document outlines the steps in the ISO 27002 standard for implementing an Information Security Management System (ISMS). The steps include: 1) Getting management support; 2) Defining the ISMS scope; 3) Conducting an inventory of information assets and risks; 4) Preparing a Statement of Applicability and Risk Treatment Plan; 5) Developing an implementation program; 6) Implementing the ISMS; 7) Maintaining the ISMS; and 8) Seeking ISO 27001 certification through an audit process.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    53 views1 page

    L - ISO27k ISMS Implementation and Certification Process

    Uploaded by

    velibor27
    The document outlines the steps in the ISO 27002 standard for implementing an Information Security Management System (ISMS). The steps include: 1) Getting management support; 2) Defining the ISMS scope; 3) Conducting an inventory of information assets and risks; 4) Preparing a Statement of Applicability and Risk Treatment Plan; 5) Developing an implementation program; 6) Implementing the ISMS; 7) Maintaining the ISMS; and 8) Seeking ISO 27001 certification through an audit process.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 1

    ISO 27002

    5a.Prepare SOA
    Statement of
    Applicability

    0. Start 1.Get 2. Define 3.Inventory 4.Conduction


    Management information
    here ISMS scope information
    support security risk
    assets assessment 5b.Prepare RTP
    Risk
    Treatment
    Plan

    Business case ISMS scope


    6.Develop
    Invento ISMS
    ry Implementatio
    n program

    9. ISMS Operational Artifacts

    Policies Project plan


    Standards N
    Procedures 8.Information Project plan
    Guidelines Security N-1 Project plan
    Management One project
    Security System within the
    logs etc. program
    7.ISMS implementation
    program

    PDCA cycle
    (one of
    money)

    10. 11.Corectiv
    Compliance &
    Compliance e actions
    audit reports
    Awareness & review
    etc.
    training
    attendance &
    test report
    etc
    12.Pre-
    certification
    assesment
    Key
    Activity Databa
    se

    13. 14. Party


    ISO27001 ISO27001 Docume ISOstanda
    Certificatio party
    n audit certificate nt or rd
    output

    You might also like