Our rich experience in IT, security, procedure development, organization-wide
implementation, metrics-based process refinement, internal audits and
external assessments is consolidated in the following. Please note that these
are not a replication of standards and are not endorsed by SEI or any other accreditation body.
Step-by-Step Approach for ISO/IEC 27001:2005 Compliance is a PowerPoint
presentation with topics on:
Initial Gap (Adequacy) Analysis, Security Steering Committee,
Security Process Improvement Planning, Initial Modification of Process Database
and Piloting, Detailed Gap Analysis with Effectiveness Measurement,
Process Refinement, Organizational Training, Process Implementation,
Internal Audit, Preventive and Corrective Action, Inviting Assessor
Sample Templates for building ISO/IEC 27001:2005 oriented Information Security
Management System contains MS-Word files with simple structures for
procedures and templates for:
Security Policy Manual, Asset Classification, Management Review,
Roles and Responsibilities, Job Descriptions, Resource Management
(Hiring, Training and Performance Evaluation), Confidentiality and
Non-Disclosure Agreements, Incident Management, Business
Continuity Management, Access Control Management, Physical and
Environmental Security Management, Internal Audit Management