By: Frederick Hawkes
File Type : Pdf
Page : 49 Page
Read This Ebook : http://www.giac.org/certified_professionals/practicals/g7799/0012.php
Table of Contents
Define the System (p. 4)
  Project Summary (p. 4)
  Organization (p. 4)
  System Description (p. 6)
  Current Security Structure (p. 8)
  Plan-Do-Check-Act (PDCA) Process (p. 9)
ISMS Project Plan (PDCA - Plan) (p. 10)
  Project Scope (p. 10)
  Project Timeline (p. 11)
  Organizational Structure and Responsibilities (p. 12)
  Policies, Guidelines, Standards or Procedures Requirements (p. 14)
  Risk Identification Process (p. 16)
  Risks to the System (p. 19)
  Plans for Addressing the Risks (p. 20)
  Selected ISO 17799 Controls (p. 21)
ISMS Implementation Plan (PDCA - Do) (p. 23)
  Overview (p. 23)
  Creation and Staffing of the Security Management Team (p. 23)
  Identification and Processing of Applicable Legislation (p. 24)
  Data Protection and Privacy of Personal Information (p. 25)
  Information Security Policy Document (p. 25)
  Information Security Education and Training (p. 26)
  WLAN Access Control (p. 27)
  Statements of Applicability (p. 27)
    ISO 17799 Section 12.1.4 - Data Protection and Privacy of Personal Information (p. 28)
    ISO 17799 Section 12.1.2 - Intellectual Property Rights (p. 28)
ISMS Audit Plan (PDCA - Check) (p. 29)
  ISO 17799 Section 4.1.1 - Management Information Security Forum (p. 29)
  ISO 17799 Section 12.1.1 - Identification of Applicable Legislation (p. 30)
  ISO 17799 Section 12.1.4 - Data Protection and Privacy of Personal Information (p. 31)
  ISO 17799 Section 9.4.3 - User Authentication for External Connections (p. 32)
  ISO 17799 Section 3.1.1 - Information Security Policy Document (p. 34)