ISO 27001 Training
"We are a domestic bank, with a focus on retail banking." Here we describe our business sector; in other words,
what we do to make money.

"The storage and processing of sensitive customer data is part of our core business." Here we define our main
asset: the customer data that is part of the business.

"It is therefore our duty to protect our clients' data and our information assets in relation to confidentiality,
integrity and availability." Here we define which aspects of data and information are protected:
confidentiality, integrity and availability.

"The ISMS applies to the entire organization, our employees as well as contractors." Here we state that the scope
applies to the whole organization.
This policy must cover the organization's objectives regarding information security. It must clearly
show management's commitment to meeting security requirements and to continually improving the ISMS.
This is a top-level policy, not a detailed one. Details of information security controls and rules
should be described in other, lower-level policies and procedures. The policy must be communicated
within the organization, and someone responsible for that communication must be appointed.