The best way to use ISO 27001
1. What is the best way to use ISO 27001? Jeremy Wilde 11/08/09
2.
3.
4.
5.
6.
7.
8.
9.
10. Good process drives continuous improvement
Controls, Architecture, Process
Data: at rest, in transit, classification, Data Model, patterns, blocks, classification, risk assessment, pen test
Infrastructure (host, network): configuration, interconnection, update (patch), monitoring, trust domains, patterns, blocks, change mgt, config mgt, config audit, event monitoring
Applications: common services, infra models, SDLC insertion, coding standards, testing, promotion, ent arch models, Business scenarios, Building blocks, SDLC insertions, pre-promo review, post-prod review
People: access, passwords, account sharing
Governance: awareness, metrics, communication plan
Framework Sources: ISO27002, COBIT, ISO10181, ISO27005, ANSI/IEEE 1471-2000, TOGAF, ISO27001, ITIL v3
11.
12. Gap Analysis [Chart: Current State, Target State, Desired State and Gap, on a scale of 1 to 5, for Infrastructure Controls, Applications Controls, Applications Architecture, Infrastructure Architecture and Infrastructure Process Mgt]
13.
14.
Editor's notes
The ISO/IEC 17799:2005 standard comprises the following:
Introductory Sections
1 Scope
2 Terms and definitions
3 Structure of the standard
Information Security Guidance Sections
4 Risk assessment and treatment
5 Security policy
6 Organizing information security
7 Asset management
8 Human resource security
9 Physical and environmental security
10 Communications and operations management
11 Access control
12 Information systems acquisition, development and maintenance
13 Information security incident management
14 Business continuity management
15 Compliance