SlideShare a Scribd company logo

ISO/IEC 27001:2013

Ramiro Cid
Ramiro Cid

Main changes on ISO/IEC 27001:2013. A comparative with ISO/IEC 27001:2005. List of new domains, List of new controls, references

Technology
1 of 7
Download to read offline
ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 ISO/IEC 27001:2013 Ramiro Cid | @ramirocid
ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 ISO/IEC 27001:2013 References: ISO/IEC 27001:2013. Final draft: Published on 07/2013. Final version: End of 2013.
ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 Changes on ISO/IEC 27001:2013 Main changes in comparte with the previous version (ISO/IEC 27001:2005): • ISO/IEC 27001:2013 will have 114 controls into 14 domains (the actual version have 133 controls in 11 domains). • 11 new controls: • A.6.1.5 Information security in project management • A.12.6.2 Restrictions on software installation • A.14.2.1 Secure development policy • A.14.2.5 Secure system engineering principles • A.14.2.6 Secure development environment • A.14.2.8 System security testing • A.15.1.1 Information security policy for supplier relationships • A.15.1.3 Information and communication technology supply chain • A.16.1.4 Assessment of and decision on information security events • A.16.1.5 Response to information security incidents • A.17.2.1 Availability of information processing facilities
ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 Main changes in comparte with the previous version (ISO/IEC 27001:2005): • 14 domains instead of 11. The new domains will be: • A.5: Information security policies • A.6: How information security is organised • A.7: Human resources security - controls that are applied before, during, or after employment. • A.8: Asset management • A.9: Access controls and managing user access • A.10: Cryptographic technology • A.11: Physical security of the organisation's sites and equipment • A.12: Operational security • A.13: Secure communications and data transfer • A.14: Secure acquisition, development, and support of information systems • A.15: Security for suppliers and third parties • A.16: Incident management • A.17: Business continuity/disaster recovery (to the extent that it affects information security) • A.18: Compliance - with internal requirements, such as policies, and with external requirements, such as laws Changes on ISO/IEC 27001:2013
ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 Domains comparision chart: ISO/IEC 27001:2005 ISO/IEC 27001:2013 A.5 -Security policy A.5: Information security policies A.6 -Organization ofinformation security A.6: How information security is organised A.8 -Human resources security A.7: Human resources security -controls that are applied before, during, or after employment. A.7 -Asset management A.8: Asset management A.11 - Access control A.9: Access controls and managing user access A.10: Cryptographic technology A.9 -Physical and environmental security A.11: Physical security ofthe organisation's sites and equipment A.12: Operational security A.10 -Communications and operations management A.13: Secure communications and data transfer A.12 -Information systems acquisition, development and maintenance A.14: Secure acquisition, development, and support ofinformation systems A.15: Security for suppliers and third parties A.13 -Information security incident management A.16: Incident management A.14 -Business continuity management A.17: Business continuity/disaster recovery (to the extent that it affects information security) A.15 -Compliance A.18: Compliance -with internal requirements, such as policies, and with external requirements, such as laws Changes on ISO/IEC 27001:2013
ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 References URL to complete the knowledge: ISO: 1. ISO Oficial web: http://www.iso.org/ 2. 2013 version on ISO Oficinal web: http://www.iso.org/iso/home/news_index/news_archive/news.htm?refid=Ref1767 3. Wikipedia (ISO/IEC 27001:2005): http://en.wikipedia.org/wiki/ISO/IEC_27001 4. Wikipedia (ISO/IEC 27001:2013): http://en.wikipedia.org/wiki/ISO/IEC_27001:2013
ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 Questions ? Many thanks! ramiro@ramirocid.com @ramirocid http://www.linkedin.com/in/ramirocid http://ramirocid.com http://es.slideshare.net/ramirocid http://www.youtube.com/user/cidramiro Ramiro Cid CISM, CGEIT, ISO 27001 LA, ISO 22301 LA, ITIL

Recommended

ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewNaresh Rao
 
ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview Ahmed Riad .
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness TrainingDr Madhu Aman Sharma
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxDr Madhu Aman Sharma
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3Tanmay Shinde
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 IntroductionAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Overview of ISO 27001 ISMS
Overview of ISO 27001 ISMSOverview of ISO 27001 ISMS
Overview of ISO 27001 ISMSAkhil Garg
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part Ikhushboo
 

Recommended

ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewISO 27001 2013 isms final overview
ISO 27001 2013 isms final overviewNaresh Rao
 
ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview ISO/IEC 27001:2013 An Overview
ISO/IEC 27001:2013 An Overview Ahmed Riad .
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness TrainingDr Madhu Aman Sharma
 
ISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxISO 27001 Awareness/TRansition.pptx
ISO 27001 Awareness/TRansition.pptxDr Madhu Aman Sharma
 
ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3ISO 27001 - Information security user awareness training presentation - part 3
ISO 27001 - Information security user awareness training presentation - part 3Tanmay Shinde
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 IntroductionAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Overview of ISO 27001 ISMS
Overview of ISO 27001 ISMSOverview of ISO 27001 ISMS
Overview of ISO 27001 ISMSAkhil Garg
 
ISMS Part I
ISMS Part IISMS Part I
ISMS Part Ikhushboo
 
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingOperational Excellence Consulting
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromMart Rovers
 
Why ISO27001 For My Organisation
Why ISO27001 For My OrganisationWhy ISO27001 For My Organisation
Why ISO27001 For My OrganisationVigilant Software
 
Iso 27001 awareness
Iso 27001 awarenessIso 27001 awareness
Iso 27001 awarenessÃsħâr Ãâlâm
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementationRalf Braga
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?PECB
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentationPranay Kumar
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA
 
NQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation GuideNQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation GuideNA Putra
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentationMidhun Nirmal
 
ISO 27001 Benefits
ISO 27001 BenefitsISO 27001 Benefits
ISO 27001 BenefitsDejan Kosutic
 
ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesCertification Europe
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001Imran Ahmed
 
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPrivacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPECB
 
Structure of iso 27001
Structure of iso 27001Structure of iso 27001
Structure of iso 27001CUNIX INDIA
 
How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...Hernan Huwyler, MBA CPA
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1Tanmay Shinde
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013scttmcvy
 
ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureUppala Anand
 
ISO 27001
ISO 27001ISO 27001
ISO 27001n|u - The Open Security Community
 

More Related Content

What's hot

ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingOperational Excellence Consulting
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromMart Rovers
 
Why ISO27001 For My Organisation
Why ISO27001 For My OrganisationWhy ISO27001 For My Organisation
Why ISO27001 For My OrganisationVigilant Software
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementationRalf Braga
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?PECB
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentationPranay Kumar
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA
 
NQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation GuideNQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation GuideNA Putra
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentationMidhun Nirmal
 
ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesCertification Europe
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001Imran Ahmed
 
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPrivacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPECB
 
Structure of iso 27001
Structure of iso 27001Structure of iso 27001
Structure of iso 27001CUNIX INDIA
 
How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...Hernan Huwyler, MBA CPA
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1Tanmay Shinde
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013scttmcvy
 

What's hot (20)

ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness TrainingISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interprom
 
Why ISO27001 For My Organisation
Why ISO27001 For My OrganisationWhy ISO27001 For My Organisation
Why ISO27001 For My Organisation
 
Iso 27001 awareness
Iso 27001 awarenessIso 27001 awareness
Iso 27001 awareness
 
Steps to iso 27001 implementation
Steps to iso 27001 implementationSteps to iso 27001 implementation
Steps to iso 27001 implementation
 
ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?ISO/IEC 27001:2022 – What are the changes?
ISO/IEC 27001:2022 – What are the changes?
 
Isms awareness presentation
Isms awareness presentationIsms awareness presentation
Isms awareness presentation
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation Guide
 
NQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation GuideNQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation Guide
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentation
 
ISO 27001 Benefits
ISO 27001 BenefitsISO 27001 Benefits
ISO 27001 Benefits
 
ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and Challenges
 
Basic introduction to iso27001
Basic introduction to iso27001Basic introduction to iso27001
Basic introduction to iso27001
 
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementationPrivacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation
 
Structure of iso 27001
Structure of iso 27001Structure of iso 27001
Structure of iso 27001
 
How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...How can the ISO 27701 help to design, implement, operate and improve a privac...
How can the ISO 27701 help to design, implement, operate and improve a privac...
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013
 

Viewers also liked

ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureUppala Anand
 
ISO 27001:2013 Mandatory documents and records
ISO 27001:2013 Mandatory documents and recordsISO 27001:2013 Mandatory documents and records
ISO 27001:2013 Mandatory documents and recordsManoj Vakekattil
 
ISO Annex SL Clause 4: Context of the Organisation
ISO Annex SL Clause 4: Context of the OrganisationISO Annex SL Clause 4: Context of the Organisation
ISO Annex SL Clause 4: Context of the OrganisationRobert Clements
 
Iso 27001 2013 Standard Requirements
Iso 27001 2013 Standard RequirementsIso 27001 2013 Standard Requirements
Iso 27001 2013 Standard RequirementsUppala Anand
 
Annex SL Training for ISO 9001:2015. & ISO 14001:2015.
Annex SL Training for ISO 9001:2015. & ISO 14001:2015.Annex SL Training for ISO 9001:2015. & ISO 14001:2015.
Annex SL Training for ISO 9001:2015. & ISO 14001:2015.Robert Clements
 
PECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB
 
Business Continuity - 5 Basic Steps
Business Continuity - 5 Basic StepsBusiness Continuity - 5 Basic Steps
Business Continuity - 5 Basic StepsRobert Clements
 
what is Business Continuity Management System?
what is Business Continuity Management System?what is Business Continuity Management System?
what is Business Continuity Management System?Ascent World
 
ISO 27002
ISO 27002ISO 27002
ISO 27002DGT
 
ISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and DevelopmentsISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and DevelopmentsCertification Europe
 

Viewers also liked (16)

ISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedureISO 27001:2013 Implementation procedure
ISO 27001:2013 Implementation procedure
 
ISO 27001
ISO 27001ISO 27001
ISO 27001
 
ISO 27001:2013 Mandatory documents and records
ISO 27001:2013 Mandatory documents and recordsISO 27001:2013 Mandatory documents and records
ISO 27001:2013 Mandatory documents and records
 
ISO Annex SL Clause 4: Context of the Organisation
ISO Annex SL Clause 4: Context of the OrganisationISO Annex SL Clause 4: Context of the Organisation
ISO Annex SL Clause 4: Context of the Organisation
 
ISO 27001:2013 - Changes
ISO 27001:2013 - ChangesISO 27001:2013 - Changes
ISO 27001:2013 - Changes
 
Iso 27001 2013 Standard Requirements
Iso 27001 2013 Standard RequirementsIso 27001 2013 Standard Requirements
Iso 27001 2013 Standard Requirements
 
Annex SL Training for ISO 9001:2015. & ISO 14001:2015.
Annex SL Training for ISO 9001:2015. & ISO 14001:2015.Annex SL Training for ISO 9001:2015. & ISO 14001:2015.
Annex SL Training for ISO 9001:2015. & ISO 14001:2015.
 
PECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service ManagementPECB Webinar: The alignment of Information Security in Service Management
PECB Webinar: The alignment of Information Security in Service Management
 
Business Continuity - 5 Basic Steps
Business Continuity - 5 Basic StepsBusiness Continuity - 5 Basic Steps
Business Continuity - 5 Basic Steps
 
UAE Business Continuity Management Standard
UAE Business Continuity Management StandardUAE Business Continuity Management Standard
UAE Business Continuity Management Standard
 
what is Business Continuity Management System?
what is Business Continuity Management System?what is Business Continuity Management System?
what is Business Continuity Management System?
 
As nzs iso 31000 2009 risk management - principles and guidelines
As nzs iso 31000 2009 risk management - principles and guidelinesAs nzs iso 31000 2009 risk management - principles and guidelines
As nzs iso 31000 2009 risk management - principles and guidelines
 
ISO 27002
ISO 27002ISO 27002
ISO 27002
 
ISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and DevelopmentsISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and Developments
 
ISO/IEC 27001:2005
ISO/IEC 27001:2005ISO/IEC 27001:2005
ISO/IEC 27001:2005
 
Sarbanes Oxley Act
Sarbanes Oxley ActSarbanes Oxley Act
Sarbanes Oxley Act
 

Similar to ISO/IEC 27001:2013

ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?PECB
 
Friday Forum ISO 27001: 2013
Friday Forum ISO 27001: 2013Friday Forum ISO 27001: 2013
Friday Forum ISO 27001: 2013APEXMarCom
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Sylvain Martinez
 
All you wanted to know about iso 27000
All you wanted to know about iso 27000All you wanted to know about iso 27000
All you wanted to know about iso 27000Ramana K V
 
NQA-Webinar-A-guide-to-the-changes-to-ISO-27002.pdf
NQA-Webinar-A-guide-to-the-changes-to-ISO-27002.pdfNQA-Webinar-A-guide-to-the-changes-to-ISO-27002.pdf
NQA-Webinar-A-guide-to-the-changes-to-ISO-27002.pdfJhonGIg
 
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardQuick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardPECB
 
Log Monitoring and Fie Integrity Monitoring
Log Monitoring and Fie Integrity MonitoringLog Monitoring and Fie Integrity Monitoring
Log Monitoring and Fie Integrity MonitoringControlCase
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowPECB
 
List of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdfList of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdfDavidMorris296217
 
Continual Compliance for PCI DSS, E13PA and ISO 27001/2
Continual Compliance for PCI DSS, E13PA and ISO 27001/2Continual Compliance for PCI DSS, E13PA and ISO 27001/2
Continual Compliance for PCI DSS, E13PA and ISO 27001/2ControlCase
 
Log Monitoring, FIM– PCI DSS, ISO 27001, HIPAA, FISMA and EI3PA
Log Monitoring, FIM– PCI DSS, ISO 27001, HIPAA, FISMA and EI3PALog Monitoring, FIM– PCI DSS, ISO 27001, HIPAA, FISMA and EI3PA
Log Monitoring, FIM– PCI DSS, ISO 27001, HIPAA, FISMA and EI3PAControlCase
 
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001ControlCase
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Canada
 
The best way to use ISO 27001
The best way to use ISO 27001The best way to use ISO 27001
The best way to use ISO 27001powertech
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMSBusiness Beam
 
102 Information security standards and specifications
102 Information security standards and specifications102 Information security standards and specifications
102 Information security standards and specificationsSsendiSamuel
 
Log monitoring and file integrity monitoring
Log monitoring and file integrity monitoringLog monitoring and file integrity monitoring
Log monitoring and file integrity monitoringControlCase
 
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEMISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEMRozil Anwar
 

Similar to ISO/IEC 27001:2013 (20)

ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27032: How do they map?
 
Friday Forum ISO 27001: 2013
Friday Forum ISO 27001: 2013Friday Forum ISO 27001: 2013
Friday Forum ISO 27001: 2013
 
Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1Talk1 esc3 muscl-standards and regulation_v1_1
Talk1 esc3 muscl-standards and regulation_v1_1
 
All you wanted to know about iso 27000
All you wanted to know about iso 27000All you wanted to know about iso 27000
All you wanted to know about iso 27000
 
NQA-Webinar-A-guide-to-the-changes-to-ISO-27002.pdf
NQA-Webinar-A-guide-to-the-changes-to-ISO-27002.pdfNQA-Webinar-A-guide-to-the-changes-to-ISO-27002.pdf
NQA-Webinar-A-guide-to-the-changes-to-ISO-27002.pdf
 
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information StandardQuick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard
 
Log Monitoring and Fie Integrity Monitoring
Log Monitoring and Fie Integrity MonitoringLog Monitoring and Fie Integrity Monitoring
Log Monitoring and Fie Integrity Monitoring
 
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to KnowCMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
 
List of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdfList of ISO27000-Family International Standards organisation.pdf
List of ISO27000-Family International Standards organisation.pdf
 
Continual Compliance for PCI DSS, E13PA and ISO 27001/2
Continual Compliance for PCI DSS, E13PA and ISO 27001/2Continual Compliance for PCI DSS, E13PA and ISO 27001/2
Continual Compliance for PCI DSS, E13PA and ISO 27001/2
 
ISO 27001:2022 What has changed.pdf
ISO 27001:2022 What has changed.pdfISO 27001:2022 What has changed.pdf
ISO 27001:2022 What has changed.pdf
 
Log Monitoring, FIM– PCI DSS, ISO 27001, HIPAA, FISMA and EI3PA
Log Monitoring, FIM– PCI DSS, ISO 27001, HIPAA, FISMA and EI3PALog Monitoring, FIM– PCI DSS, ISO 27001, HIPAA, FISMA and EI3PA
Log Monitoring, FIM– PCI DSS, ISO 27001, HIPAA, FISMA and EI3PA
 
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
Log Monitoring and File Integrity Monitoring for PCI DSS, EI3PA and ISO 27001
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
 
The best way to use ISO 27001
The best way to use ISO 27001The best way to use ISO 27001
The best way to use ISO 27001
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
 
102 Information security standards and specifications
102 Information security standards and specifications102 Information security standards and specifications
102 Information security standards and specifications
 
Log monitoring and file integrity monitoring
Log monitoring and file integrity monitoringLog monitoring and file integrity monitoring
Log monitoring and file integrity monitoring
 
ISMS implementation challenges-KASYS
ISMS implementation challenges-KASYSISMS implementation challenges-KASYS
ISMS implementation challenges-KASYS
 
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEMISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
ISO 27001 INFORMATION TECHNOLOGY MANAGEMENT SYSTEM
 

More from Ramiro Cid

Seminario sobre ciberseguridad
Seminario sobre ciberseguridadSeminario sobre ciberseguridad
Seminario sobre ciberseguridadRamiro Cid
 
Captación y registro de comunicaciones orales y de imagen
Captación y registro de comunicaciones orales y de imagenCaptación y registro de comunicaciones orales y de imagen
Captación y registro de comunicaciones orales y de imagenRamiro Cid
 
Passwords for sale
Passwords for salePasswords for sale
Passwords for saleRamiro Cid
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017Ramiro Cid
 
¿Cuáles son los peligros a los que se enfrenta su sistema informático?
¿Cuáles son los peligros a los que se enfrenta su sistema informático?¿Cuáles son los peligros a los que se enfrenta su sistema informático?
¿Cuáles son los peligros a los que se enfrenta su sistema informático?Ramiro Cid
 
Cloud Computing, IoT, BYOD Ha muerto el perímetro corporativo. ¿y ahora qué?
Cloud Computing, IoT, BYOD Ha muerto el perímetro corporativo. ¿y ahora qué?Cloud Computing, IoT, BYOD Ha muerto el perímetro corporativo. ¿y ahora qué?
Cloud Computing, IoT, BYOD Ha muerto el perímetro corporativo. ¿y ahora qué?Ramiro Cid
 
Lean Six Sigma methodology
Lean Six Sigma methodologyLean Six Sigma methodology
Lean Six Sigma methodologyRamiro Cid
 
IT Governance & ISO 38500
IT Governance & ISO 38500IT Governance & ISO 38500
IT Governance & ISO 38500Ramiro Cid
 
Cyber Security Resilience & Risk Aggregation
Cyber Security Resilience & Risk AggregationCyber Security Resilience & Risk Aggregation
Cyber Security Resilience & Risk AggregationRamiro Cid
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection RegulationRamiro Cid
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacksRamiro Cid
 
Thinking on risk analysis
Thinking on risk analysisThinking on risk analysis
Thinking on risk analysisRamiro Cid
 
Drones and their use on critical infrastructure
Drones and their use on critical infrastructureDrones and their use on critical infrastructure
Drones and their use on critical infrastructureRamiro Cid
 
Internet of things, big data & mobility vs privacy
Internet of things, big data & mobility vs privacyInternet of things, big data & mobility vs privacy
Internet of things, big data & mobility vs privacyRamiro Cid
 
Space computing
Space computingSpace computing
Space computingRamiro Cid
 
The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...Ramiro Cid
 
Internet of things
Internet of thingsInternet of things
Internet of thingsRamiro Cid
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityRamiro Cid
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security AwarenessRamiro Cid
 

More from Ramiro Cid (20)

Seminario sobre ciberseguridad
Seminario sobre ciberseguridadSeminario sobre ciberseguridad
Seminario sobre ciberseguridad
 
Captación y registro de comunicaciones orales y de imagen
Captación y registro de comunicaciones orales y de imagenCaptación y registro de comunicaciones orales y de imagen
Captación y registro de comunicaciones orales y de imagen
 
Passwords for sale
Passwords for salePasswords for sale
Passwords for sale
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017
 
¿Cuáles son los peligros a los que se enfrenta su sistema informático?
¿Cuáles son los peligros a los que se enfrenta su sistema informático?¿Cuáles son los peligros a los que se enfrenta su sistema informático?
¿Cuáles son los peligros a los que se enfrenta su sistema informático?
 
Cloud Computing, IoT, BYOD Ha muerto el perímetro corporativo. ¿y ahora qué?
Cloud Computing, IoT, BYOD Ha muerto el perímetro corporativo. ¿y ahora qué?Cloud Computing, IoT, BYOD Ha muerto el perímetro corporativo. ¿y ahora qué?
Cloud Computing, IoT, BYOD Ha muerto el perímetro corporativo. ¿y ahora qué?
 
Lean Six Sigma methodology
Lean Six Sigma methodologyLean Six Sigma methodology
Lean Six Sigma methodology
 
IT Governance & ISO 38500
IT Governance & ISO 38500IT Governance & ISO 38500
IT Governance & ISO 38500
 
Cyber Security Resilience & Risk Aggregation
Cyber Security Resilience & Risk AggregationCyber Security Resilience & Risk Aggregation
Cyber Security Resilience & Risk Aggregation
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection Regulation
 
Payment fraud
Payment fraudPayment fraud
Payment fraud
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacks
 
Thinking on risk analysis
Thinking on risk analysisThinking on risk analysis
Thinking on risk analysis
 
Drones and their use on critical infrastructure
Drones and their use on critical infrastructureDrones and their use on critical infrastructure
Drones and their use on critical infrastructure
 
Internet of things, big data & mobility vs privacy
Internet of things, big data & mobility vs privacyInternet of things, big data & mobility vs privacy
Internet of things, big data & mobility vs privacy
 
Space computing
Space computingSpace computing
Space computing
 
The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
 

Recently uploaded

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Recently uploaded (20)

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

ISO/IEC 27001:2013

  • 1. ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 ISO/IEC 27001:2013 Ramiro Cid | @ramirocid
  • 2. ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 ISO/IEC 27001:2013 References: ISO/IEC 27001:2013. Final draft: Published on 07/2013. Final version: End of 2013.
  • 3. ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 Changes on ISO/IEC 27001:2013 Main changes in comparte with the previous version (ISO/IEC 27001:2005): • ISO/IEC 27001:2013 will have 114 controls into 14 domains (the actual version have 133 controls in 11 domains). • 11 new controls: • A.6.1.5 Information security in project management • A.12.6.2 Restrictions on software installation • A.14.2.1 Secure development policy • A.14.2.5 Secure system engineering principles • A.14.2.6 Secure development environment • A.14.2.8 System security testing • A.15.1.1 Information security policy for supplier relationships • A.15.1.3 Information and communication technology supply chain • A.16.1.4 Assessment of and decision on information security events • A.16.1.5 Response to information security incidents • A.17.2.1 Availability of information processing facilities
  • 4. ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 Main changes in comparte with the previous version (ISO/IEC 27001:2005): • 14 domains instead of 11. The new domains will be: • A.5: Information security policies • A.6: How information security is organised • A.7: Human resources security - controls that are applied before, during, or after employment. • A.8: Asset management • A.9: Access controls and managing user access • A.10: Cryptographic technology • A.11: Physical security of the organisation's sites and equipment • A.12: Operational security • A.13: Secure communications and data transfer • A.14: Secure acquisition, development, and support of information systems • A.15: Security for suppliers and third parties • A.16: Incident management • A.17: Business continuity/disaster recovery (to the extent that it affects information security) • A.18: Compliance - with internal requirements, such as policies, and with external requirements, such as laws Changes on ISO/IEC 27001:2013
  • 5. ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 Domains comparision chart: ISO/IEC 27001:2005 ISO/IEC 27001:2013 A.5 -Security policy A.5: Information security policies A.6 -Organization ofinformation security A.6: How information security is organised A.8 -Human resources security A.7: Human resources security -controls that are applied before, during, or after employment. A.7 -Asset management A.8: Asset management A.11 - Access control A.9: Access controls and managing user access A.10: Cryptographic technology A.9 -Physical and environmental security A.11: Physical security ofthe organisation's sites and equipment A.12: Operational security A.10 -Communications and operations management A.13: Secure communications and data transfer A.12 -Information systems acquisition, development and maintenance A.14: Secure acquisition, development, and support ofinformation systems A.15: Security for suppliers and third parties A.13 -Information security incident management A.16: Incident management A.14 -Business continuity management A.17: Business continuity/disaster recovery (to the extent that it affects information security) A.15 -Compliance A.18: Compliance -with internal requirements, such as policies, and with external requirements, such as laws Changes on ISO/IEC 27001:2013
  • 6. ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 References URL to complete the knowledge: ISO: 1. ISO Oficial web: http://www.iso.org/ 2. 2013 version on ISO Oficinal web: http://www.iso.org/iso/home/news_index/news_archive/news.htm?refid=Ref1767 3. Wikipedia (ISO/IEC 27001:2005): http://en.wikipedia.org/wiki/ISO/IEC_27001 4. Wikipedia (ISO/IEC 27001:2013): http://en.wikipedia.org/wiki/ISO/IEC_27001:2013
  • 7. ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid ISO/IEC 27001:2013 Questions ? Many thanks! ramiro@ramirocid.com @ramirocid http://www.linkedin.com/in/ramirocid http://ramirocid.com http://es.slideshare.net/ramirocid http://www.youtube.com/user/cidramiro Ramiro Cid CISM, CGEIT, ISO 27001 LA, ISO 22301 LA, ITIL