why iso 27001_awareness_presentation_en
TRANSCRIPT
04/15/2023 Copyright ©2014 9001Academy. All rights reserved. 2
By implementing information security, you help both
your company and yourself
Content
• Basic information about ISO 27001
• The purpose of ISO 27001
• The ISO 27001 framework
• ISO 27001 myths
• Benefits for our company
• Implementation details
• Your role in the implementation
Basic information about ISO 27001
• International standard, published by ISO
• Developed by leading information security experts
• Applicable to any industry
• Applicable to any size company
• More than 20,000 companies have certified worldwide
The purpose of ISO 27001
Preservation of:
• Confidentiality
• Integrity
• Availability
How to protect the information
Controls (safeguards):
• Procedure
• Password
• Encryption
• Legal
• Training & awareness
What is information security?
Information
The ISO 27001 framework
Risk assessment & treatment
114 controls from Annex A
ISO 27001 myths
• “This is an IT job”
• “It’s all about writing policies and procedures”
• “We’ll get lost in all those documents”
• “ISO 27001 will only make our job more difficult”
• “It will be implemented in 2 months”
• “We do it only because of the certification”
Benefits for our company
• Compliance
• Marketing edge
• Lowering the expenses
• Optimizing business processes
Implementation details
• Project manager: [insert name]
• Project sponsor: [insert name]
• Project duration: [insert number of months]
Your role in the implementation
• Suggest which processes to document
• Suggest changes in existing & new policies and procedures
• Read all the new documents and attend awareness & training sessions
• Comply with policies and procedures once they are published
ISO 27001 helps you put all the pieces together
(if done properly)