|
Addressing corporate concerns on Information Security Management
Systems by adding Values to the Organization through updating
and improving People, Process and Technology (PPT) and related
resources, which maps the business process with information
technology infrastructure and human assets
-
Business Benefits:
- Reduce risks and threats to the Confidentiality,
Integrity and Availability of Information Assets and System
Resources by providing policies, practices and standards
designed to mitigate or eliminate all known risks and
threat.
- Improve the effectiveness and
efficiency of Security and Privacy Management by
implementing a world class best practice and framework for
consistent, concise security administration.
-
Improve effectiveness and efficiencies of existing security
and privacy mechanisms by formalizing new practices to
monitor compliance and maintain sensitive data protection.
-
Reduce the likelihood that an accidental security incident or breach of personal
information caused by staff could have an adverse affect on Company reputation
or liabilities potentially leading to financial losses, by providing an ongoing
information security training and awareness program.
-
Objectives of ISMS:
-
Confidentiality: Ensuring that the information is accessible only
to those authorized to access it.
-
Integrity: Ensuring that the
information is accurate and complete and that the
information is not modified without authorization
-
Availability:
Ensuring that the information is
accessible to authorized users when required.
-
Guidelines:
-
Inter-company
Communication management
-
Human resources management
-
Asset management
-
Risk management
-
Physical and environmental
security
-
Communications and operations
management
-
Access control
-
Information systems acquisition,
development and maintenance
-
Information security incident management
-
Business continuity management
-
Compliance and regulatory review
-
Training and awareness programs for staff members
|
