Governance, Risk & Compliance Using ISO 27001, ISO 20000 & ISO 22301
Presentation Transcript

  1. Governance, Risk & Compliance Using ISO 27001, ISO 20000 & ISO 22301: Sharing the Leading Best Practices in One Project

  2. Agenda
  • Introduction
  • The components of the Good Governance
  • ISO 27001 – Protecting the Information
  • ISO 20000 – Ensuring the Best IT Service Management
  • ISO 22301 – Ensuring the Continuity of the Business
  • Checklist
  • Conclusion

  3. GRC

  4. Importance of GRC
  • GRC Projects are a must for various reasons
  • GRC has Crossed V1 Speed.

  5. Three Important Components of IT

  6. What is Governance?
  • Governance is all about:
    • Applying the Best Practices
    • Ensuring the Proper Control
    • Effective and Efficient Management
  • In a Single Sentence….
  • It is the “Protection Umbrella”, which is the Responsibility of Senior Management and Board of Directors.

  7. What is the Solution?

  8. The Solution Explore Standards

  9. Gartner Hype Cycle

  10. Managing the Expectations

  11. Gartner’s View

  12. Selecting Top 3 Standards for Comprehensive Coverage

  13. Comprehensive Governance Coverage

  14. Information Security and ISO 27001: The Must-Have Standard.

  15. What is ISO 27001?
  • ISO 27001 is the Standard of Information Security
  • Two Parts
    • ISO 27001: Specifications
    • ISO 27002: Code of Practice
  • Uniqueness of ISO 27001
    • Standard
    • 114 Annex A Controls

  16. ISO 27001

  17. ISO 27000 Series..
  • Anxiously Waiting for…
  • 27000: Fundamentals and Vocabulary
  • 27001: ISMS Auditable and certifiable requirements
  • 27002: Replaced ISO 17799
  • 27003: ISMS Implementation Guidelines
  • 27004: ISMS Measurement
  • 27005: ISMS Risk Management
  • 27006: Guide to the certification/registration process for accredited ISMS certification/registration bodies
  • 27007: Guidance for those auditing Information Security Management Systems against ISO 27001
  • 27031: Information security management guidelines for telecommunications

  18. ISO 20000 for (IT) Service Management System

  19. ISO 20000

  20. ITIL V3.0

  21. ITIL
  • It is all about the ‘Service’
  • IT is recognized as ‘Service Provider’
  • To be more specific, IT is Service Provider to its customer: Business Users

  22. Based on Deming Cycle

  23. Deming Cycle
  • William Edwards Deming (October 14, 1900 – December 20, 1993) was a statistician.
  • Best known for his work in Japan.
  • From 1950 onward he taught top management how to improve
    • Design (and thus service),
    • Product quality,
    • Testing and s

  24. ISO 22301 for Business Continuity Management

  25. Importance of BCM

  26. What is a Disaster?

  27. Storage Recovery Strategy

  28. In Summary….

  29. Fast Track Implementation

  30. No Standardization is No Excuse

  31. Thank You!