27001 or NIST for Local Bank

Guest user Created:   Jul 29, 2020 Last commented:   Jul 29, 2020


I would like to ask a question on how to implement the best security policy for my bank, as we have just created a new Security Unit and I will handle this team.
First, we are thinking of IT policy, Security Framework, Compliance with legal, SIEM, and SOC. Is it the best approach?


Expert
Rhand Leal Jul 29, 2020

I'm assuming, by the title of the e-mail you've sent, your question is in the context of ISO 27001 and NIST SP-800 documents.

Considering that, to implement the best security policy for your bank you should first understand which legal requirements (e.g., laws, regulations, and contracts) your bank needs to fulfill, and which business objectives it wants to achieve, so you can identify how information security can help.

For example, if the bank needs to comply with GDPR, then it needs to protect users' privacy, and as objectives, if it wants to increase market share and decrease operational costs, then decreasing the occurrence and costs of information-related incidents may help achieve those objectives.

Once you have identified what is expected from information security, then you can work on the other elements of the system, like IT policy, SIEM, etc. This approach will help you focus on the elements that really matter to your implementation.

Regarding ISO 27001 and NIST documents, both provide a solid basis for implementing information security, but ISO 27001 has the advantage of being certifiable and a worldwide-recognized standard.

These articles will provide you with more information:

These materials will also help you regarding ISO 27001 implementation:

Guest
chhorn vibol Jul 29, 2020

Thanks for your reply, this is what I need for my guidance.
