Governance, Risk & Compliance Using ISO 27001, ISO 20000 & ISO 22301
31 slides, 2.69 MB
Governance, Risk & Compliance Using ISO 27001, ISO 20000 & ISO 22301 Sharing the Leading Best Practices in One Project
Agenda
- Introduction
- The components of Good Governance
- ISO 27001 – Protecting the Information
- ISO 20,000 – Ensuring the Best IT Service Management
- ISO 22301 – Ensuring the Continuity of the Business
- Checklist
- Conclusion
GRC
Importance of GRC: GRC projects are a must for various reasons; GRC has crossed V1 speed.
Three Important Components of IT
What is Governance?
What is the Solution?
The Solution Explore Standards
Gartner Hype Cycle
Managing the Expectations
Gartner's View
Selecting Top 3 Standards for Comprehensive Coverage
Comprehensive Governance Coverage
Information Security and ISO 27001 The Must have Standard.
What is ISO 27001? ISO 27001 is the standard for information security. It has two parts:
- ISO 27001: Specifications
- ISO 27002: Code of Practice
Uniqueness of ISO 27001:
- The standard has 114 Annex A controls
ISO 27001
ISO 27000 Series. Anxiously waiting for:
- 27000: Fundamentals and Vocabulary
- 27001: ISMS Auditable and certifiable requirements
- 27002: Replaced ISO 17799
- 27003: ISMS Implementation Guidelines
- 27004: ISMS Measurement
- 27005: ISMS Risk Management
- 27006: Guide to the certification/registration process for accredited ISMS certification/registration bodies
- 27007: Guidance for those auditing Information Security Management Systems against ISO 27001
- 27031: Information security management guidelines for telecommunications
ISO 20,000 for (IT) Service Management System
ISO 20000
ITIL V3.0
ITIL: It is all about the 'Service'. IT is recognized as a 'Service Provider'; to be more specific, IT is the service provider to its customer, the business users.
Based on Deming Cycle
Deming Cycle: William Edwards Deming (October 14, 1900 – December 20, 1993) was a statistician, best known for his work in Japan. From 1950 onward he taught top management how to improve design (and thus service), product quality, testing and s
ISO 22301 for Business Continuity Management
Importance of BCM
What is a Disaster?
Storage Recovery Strategy
In Summary
Fast Track Implementation
No Standardization is No Excuse
Thank You!