Expert Advice Community

Guest

Information Security Management System

  Quote
Guest
Guest user Created:   Sep 16, 2020 Last commented:   Sep 16, 2020

Information Security Management System

Aconsejaría (viable) y que recomendaciones daría durante o posterior al diseño del SGSI se desarrolle una aplicación para realizar una gestión y seguimiento automatizado y adecuado de la seguridad de la información, con una trazabilidad al implementar un Sistema de Gestión de Seguridad de la Información (SGSI)?
0 0

Assign topic to the user

ISO 27001 IT SECURITY POLICY

Define the detailed security rules for everyone in the company.

ISO 27001 IT SECURITY POLICY

Define the detailed security rules for everyone in the company.

Expert
Rhand Leal Sep 16, 2020

Would you advise (feasible) and what recommendations would you give during or after the design of the ISMS an application be developed to carry out an automated and adequate management and monitoring of information security, with traceability when implementing an Information Security Management System ( ISMS)?

Please note that while some activities, like risk assessment and internal audit, require a lot of analysis and evaluation work to be done, and it is not possible to automate them, because some decisions require a human feeling and perception of the business environment that a machine cannot properly evaluate, some activities you can be automated, such as:

  • collect data from existing databases (e.g. to help identity assets if an asset-threat-vulnerability risk assessment approach is used)
  • compare data gathered with risk level limits to warn about risks that require further analysis
  • organize and present data for decision making.

Considering that, in the development of an ISMS application to fulfill your needs, you need first identify which requirements this application needs to meet, to see the level of automation you can reach, and if this is enough for your purposes.

This article will provide you a further explanation about the use of tools:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 16, 2020

Sep 16, 2020

Suggested Topics

adalnei gomide Created:   Jan 22, 2024 ISO 27001 & 22301
Replies: 1
0 0

Ativos

Guest user Created:   May 26, 2023 ISO 27001 & 22301
Replies: 1
0 0

Non-Conformity in RR

Guest user Created:   Feb 15, 2023 ISO 27001 & 22301
Replies: 1
0 0

Request for Guidance