Description
management info
information security
Information security management systems
Prepared by: Navin
Definition
Information Security Management System (ISMS), n. A framework under which to integrate people, process, and technology in order to direct the activities required to preserve confidentiality, integrity, and availability of information assets.
Benefits of ISMS
• Informed Choice: An ISMS establishes an environment of informed choice decision making.
• Methodology: An ISMS provides a methodology to integrate tools and products into information security processes.
• Interoperability: A standardized management system that will enhance information security interoperability and trust both internally and externally.
• Framework: A mechanism to manage a flexible and extensible Information Security Program.
• Due Diligence: A vehicle to document and potentially certify "due diligence".
• Regulatory Umbrella: An umbrella under which multiple information protection requirements may be simultaneously addressed.
• Efficiency: For organizations subject to regulatory compliance, an ISMS will increase efficiency and eliminate redundancy in complying with multiple information protection requirements.
• Market Differentiator: For data centric organizations, customer perception of an ISO 27001 certified ISMS may offer a marketing advantage.
• Certifiable: You can certify an ISMS to ISO 27001 once it's implemented.
doc_640312007.pptx