Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This is a closed confidential mailing list. If you would like to subscribe and join the working group, please contact Sigita Jurkynaite <sigita.jurkynaite@geant.org>

Meeting notes

The minutes of the SIG-ISM WG2 meetings are confidential - the viewing is restricted to the SIG-ISM mailing list members only.

2017-04-05 Meeting (VC)

...

How to prepare the organisation for starting an implementation of ISMS.

This section will discuss what need to be in place before starting an implementation of a ISMS.

When looking at security management the ISO 27001 comes in view. This standard describes all the aspects of security management that need to be in place when an organization wants to be certified for information security management. Though this standard covers all aspects of security management and therefore provides a good guidance, it is not a comfortable standard for implementing quality management processes. You would prefer to integrate quality management closely into your working processen, both operational and managerial. The schematic below illustrates how this can be done in a way that is both complete in terms of the ISO standard and recognizable for day-to-day operations. The upper part of the schematic (blue blobs) specifies the company wide processes. in some organizations the responsibility for information security  for products and services is distributed in the organization to products teams, departments or business line. That is illustrated in the lower part (light yellow blobs) of the schematic. If you use a centralised approach for information security you only have to look at the upper part of the schematic. The chapters of ISO27001 can be mapped on this schematics. (illustrated inn gteh second sheet of the set linked to below)

View file
nameISMS 0.7.pdf
height250

All items in this schematic are detailed out in separate pages. Details of the mapping on ISO 27001 can also be added on these pages.

SOA

SOA_Template_UNINETT_Engelsk.xlsx

...