

Wednesday, August 29, 2007

Steps for implementing the ISO 17799 standard

Initiation of the Project
Ensure the commitment of upper management;
Select and train members of the initial project team.

Definition of the ISMS (Information Security Management System)
Identifying the scope and limits of the information security management framework is crucial to the success of the project.

Risk Assessment
Identify and evaluate threats and vulnerabilities;
Calculate the value of associated risks;
Diagnose the level of compliance with ISO 17799;
Inventory and evaluate the assets to protect.

Risk Treatment
Find out how selecting and implementing the right controls can enable an organization to reduce risk to an acceptable level.

Training and Awareness
Employees may be the weakest link in your organization’s information security.

Audit Preparation
Learn how to validate your management framework and what must be done before you bring in an external auditor for BS 7799-2 certification.

Learn more about the steps performed by external auditors and about certification agencies accredited for BS 7799-2.

Greg Tilley
Infotech Enterprises America
