Key elements of ISO 27001
The Ministry of Justice is requiring ISO27001 of the charities providing resettlement services, some as small as £100k turnover.
I have been asked, for tomorrow, to explain it to them. What are the key elements that I could explain in 5 minutes?
Looking online I see a lot about process and reports, not much about what technology they have to have in place.
Hope you can help!
First, it is important to note that ISO 27001 is not about "how to" (e.g., which documents, technologies, and other solutions to use), but about "what needs to be done" (i.e., which objectives to achieve, like treating risks, training people, etc.).
Considering that, some key elements you need to consider are:
- Top management support
- Definition of roles and responsibilities
- Information security risk management
- Employee engagement
These articles will provide you with further explanation about ISO 27001:
- What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
- Where to start from with ISO 27001 https://advisera.com/27001academy/knowledgebase/iso-27001-where-to-start-most-important-materials/
- Four key benefits of ISO 27001 implementation https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/
- 4 crucial techniques for convincing your top management about ISO 27001 implementation https://advisera.com/27001academy/blog/2016/09/12/4-crucial-techniques-for-convincing-your-top-management-about-iso27001-implementation/
These materials will also help you in presenting ISO 27001:
- Why ISO 27001 – Awareness presentation (MS PowerPoint) https://info.advisera.com/27001academy/free-download/why-iso-27001-awareness-presentation
- ISO 27001 benefits: How to obtain management support [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001-benefits-how-to-get-management-buy-in-free-webinar-on-demand/
Sep 16, 2020