Thank you for replay. Currently we are in process of certification for security standard PCI-DSS for bank card environment.
For other bank organizational units we would like to update regulations to cover requirements of ISO 27001 standard. For this topic I am looking for additional information.
In addition we are using SIEM system (***). Regarding update internal regulation about this we need more information about best practice in this area. Could you help us with more information in this area? We need more information about draft standard ISO 27044 and best practice in this area.
Answer:
If you want to implement the ISO 27001 standard in your organization, you can use our templates, which have all necessary documentation. You can see here a free version of each document clicking on Free Demo tab: https://advisera.com/27001academy/iso-27001-documentation-toolkit/. Regarding regulations, here you can find a list of international laws and regulations related to the information security and business continuity: https://www.infosec pedia.info/laws-regulations-information-security-business-continuity. Also can be interesting for you to know that you can integrate ISO 27001 and PCI-DSS, here you can find more information about this PCI-DSS vs. ISO 27001 Part 1 Similarities and Differences : https://advisera.com/27001academy/knowledgebase/pci-dss/ and PCI-DSS vs. ISO 27001 Part 2 Implementation and Certification : https://advisera.com/27001academy/knowledgebase/pci-dss/
Unfortunately, we have currently no materials on SIEM/ISO 27044 - when we publish any such materials we will certainly let you know.
Comment as guest or Sign in
Jan 12, 2016