The PDCA model is already used in other management systems like quality management. And it works fine within the information security management system (ISMS):
* Plan: Establish the information security management system (ISMS).
* Do: Implement and operate the ISMS.
* Check: Monitor and review the ISMS.
* Act: Maintain and improve the ISMS.
Close the gaps with AMS9000 and protect the value of your information
AMS9000 assists you in establishing and maintaining your ISMS
As part of the JKT9000 family of management software modules, AMS9000 is the audit management software. This programme is designed to handle all aspects of an internal audit programme, from planning audits to the follow-up of corrective actions against deficiencies found.
AMS9000 can be used to verify compliance with any kind of standards including ISO 17799 or ISO 27001. Further you can use it to audit e.g. your quality management system (ISO 9000) or your environmental management system (ISO 14000).
The Workflow of the AMS9000-Navigator, ISMS Audit Software
AMS9000 uses a Navigator which includes a brief workflow of the steps being subject to audit management. To enter any of these steps the users just clicks the icon.
Functions of AMS9000, Audit Management Software
* maintains the audit schedule, checklist preparation and all audit info.
* allows to enter own checklist items and/or text directly from own procedures.
* comes with checklist requirements derived directly from the 1994 and 2000 ISO9001 Standards
* stores pending files for follow-up items to be considered in future audits
* allows to take containment, corrective and preventive actions against deficiencies found in the audit
* tracks all nonconformances, including actions and verification
* comprises reports covering trend analysis and audit summaries and 'reminder' reports to track corrective action and implementations.
* Field names of the screens can be altered to suit your individual company language.
* provides user-definable fields.
* all users get their information relevant to their needs by email.
Reports in AMS9000, Audit Management Software
All reports mentioned below can be filtered by further criteria to meet the user's information needs.
* audit schedules
* audit history report
* print checklists
* internal audit Corrective Action Summary
* supplier audit Corrective Action Summary
* Corrective Actions not responded to yet
* NCs vs. ISO clause x-tab
* past due Corrective Action responses
* pending Corrective Action implementations.
Next to these standard system reports which might cover the basic needs the user has the option to create 'custom reports'.
When printing Corrective Action reports, there are the following options:
* prints Corrective Action Request on a single page
* prints Corrective Action Request on 3 pages minimum, but expands as required
* prints Corrective Action Request summary and attaches all activity logs.
* prints Corrective Action Request summary and attaches all subcase activity.
* prints blank page for manual use
* completed Corrective Action Request form shows more details on one page
* Corrective Action Request 7 Step (Chrysler) Style form
* Corrective Action Request 8D style single page form.
Module types of AMS9000, Audit Management Software
* Standalone & LAN Configurations
* WAN & Client Server Configurations
* Web-based Configuration
The standards ISO 17799/ISO27001 and BS 7799
ISO 17799 (ISO 27001 or BS 7799-1) is a code of practice for information security management. It gives recommendations for information security management, i.e. for initiating, implementing or maintaining security. ISO 17799 provides a comprehensive set of controls comprising best practices in information security. It is intended to provide a common basis for developing organisational security standards and effective security management practice. It provides recommendations and guidance that usually an organisation should address. This means that an organisation is requested to go ahead from this starting point or common basis. This has to be kept in mind when using general checklists to audit an ISMS. The specifics of an organisation always have to shine through the design of the ISMS including the audit checklist and audit procedures.
BS 7799-2 is concerned with the management system. The standard mentions four major areas:
* Information Security Management System (ISMS)
* Management Responsibility
* Management Review
* ISMS Improvement
Benefits for your information security management system
AMS9000 is an audit software tool to audit an information security management system. It supports the entire audit process.
It can be used to audit compliance with standards such as ISO 17799 / ISO 27001 and BS 7799.
Further benefits are:
* AMS9000 kann zum Auditieren nach ISO 17799 / SO 27001, BS 7799 und anderer Standards zur Informationssicherheit benutzt werden. Darüber hinaus kann es für andere Audit benutzt werden, wie sie etwa aus dem Qualitätsmanagement bekannt sind. Sie brauchen nicht für jeweils verschiedene Audits eine andere Auditsoftware.
* AMS9000 can be used to audit against ISO 17799 and BS 7799 or any other information security management standard. However, it can be used for other audits as well known from quality management. You do not need a different audit tool for each kind of audit.
* Get evidence of conformance with ISO 17799 or whatever checklist you apply. This can be helpful when you like to register to BS 7799 part 2.
* Efficient and quick analysis and report significantly reduces time and resources necessary.
* Low training needs through ease to use and intuitive handling of the software.
* Management of corrective actions assists you in improving your information security management.
AMS9000, Audit Management Software, is developed by
www.noweco.com
7 comments:
To improve productivity of a company and reduce costs, an effective management software should be used. Management Software is a long term solution to leverage existing investment in Microsoft technology.
Amazing, blog post. Thanks for sharing.
ISO 9712 training in India
ISO 9712 training in Chennai
ISO 9712 training in Tamil Nadu
ISO 9712 training
It is really a helpful blog to find some different sources to add my knowledge. I came into awareness of the new professional blog and I am impressed with the suggestions of the author.
ISO 27001 (Information Security Management System) Consultancy in UAE.
This is the perfect blog i had ever seen. Thanks for posting this post. ISO 27001 Certification
Thank you for putting an effort to published this article. You've done a great job! Good bless!
ISO 9001 Certification
ISO 9001 Online Certification
Good day. I was impressed with your article. Keep it up . You can also visit my site if you have time. Thank you and Bless you always.
ISO 27001 certification vietnam
This is an excellent article. Thank you for giving this useful knowledge about audit management system
Post a Comment