Tuesday, February 9, 2010

International standards

This international standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's ISMS. The application of a system of processes within an organization, together with the identification and interaction of these processes and their management, can be referred to as a process approach. The process approach for information security management presented in this international standard encourages its users to emphasize the importance of:


a) Understanding an organization's information security requirements and the need to establish policy and objectives for information security

b) Implementing and operating controls to manage an organization's information security risks in the context of the organization's overall business risks

c) Monitoring and reviewing the performance and effectiveness of the ISMS

d) Continual improvement based on objective measurement

This international standard adopts the PDCA model, which is applied to structure all ISMS processes.

The adoption of the PDCA model will also reflect the principles set out in the OECD guidelines governing the security of information systems and networks.
