ISO 27001:2013 Information Security Management System


C106: DEMO OF THE INFORMATION SECURITY MANAGEMENT SYSTEM - ISO 27001:2013 AWARENESS AND AUDITOR TRAINING PPT PRESENTATION KIT Price 360 USD

Buy: www.globalmanagergroup.com

C106 - CONTENTS OF ISO 27001:2013 PPT PRESENTATIONS TRAINING KIT

A. The entire PPT presentation kit has 6 main directories as below.

ISO 27001:2013 Awareness and Auditor Training Presentation kit with auditor certificate

List of Directory and Document of Details:

1. PPT Presentation (No. of slides per topic)
   1. Overview of Information Security Management system: 32
   2. ISO 27001-2013 requirements: 42
   3. Information security related Definitions: 05
   4. ISMS Documented information and 4 tier document structure: 15
   5. ISO 27001 ISMS Internal auditing process: 60
   6. Steps for ISO 27001 certification: 12
   7. Risk assessment: 28
   8. ISMS controls and control objectives: 33
   9. Information Security management: 52
   10. Information security controls as per BS 7799-2 with pictures: 84
   Case Study: 06
   Work shop: 03
   Total no. of slides: 372

2. A trainer's guide and hand outs and editable form to understand ISMS subject well: Approx. 70 pages in MS Word

3. Work-shops and case studies to evaluate effectiveness of training: 05 workshops and 02 case studies

4. ISO/IEC 27001:2013, BS 7799-2 controls and Annexure A control related ISMS audit checklist and questions: More than 500 questions

5. Sample copy of ISO/IEC 27001:2013 audit forms and templates to maintain ISO/IEC 27001:2013 audit records: 03 forms in MS Word

6. Sample copy of certified ISO/IEC 27001:2013 auditor training certificate: 01 file in MS Word

www.globalmanagergroup.com E mail sales@globalmanagergroup.com Tele: +91-79-2979 5322


Part: 1 Topic wise number of slides:

Sr. No., Title of Slides, No. of Slides

1. Overview of Information Security Management system: 32
2. ISO 27001-2013 requirements: 42
3. Information security related Definitions: 05
4. ISMS Documented information and 4 tier document structure: 15
5. ISO 27001 ISMS Internal auditing process: 60
6. Steps for ISO 27001 certification: 12
7. Risk assessment: 28
8. ISMS controls and control objectives as per Annexure A of ISO 27001: 33
9. Information Security management: 52
10. Information security controls as per BS 7799-2 with pictures: 84
Case Study: 06
Work shop: 03
Total No. of Slides: 372

1. Presentation: Under this directory, further files are made in PowerPoint presentation as per the chapters listed below.

Topic wise PowerPoint presentation in 10 modules as listed below.

1. Overview of Information Security Management system
It covers an overview of the ISMS system, its benefits and a summary of the overall system.

2. ISO 27001-2013 requirements
It covers Information Security systems specifications and requirements: establish, implement and operate the ISMS, monitor and review the ISMS, maintain and improve the ISMS.

3. ISO Information security related Definitions
It covers Information Security systems related definitions.

4. ISMS Documented information and 4 tier document structure
It covers Information Security Management System documented information and the 4 tier document structure.

5. ISO 27001 ISMS Internal auditing process
It covers how to do the internal audit as per the ISO 27001:2013 standard. It covers audit planning, steps of audit etc. The detailed ISMS process is given.

6. Steps for ISO 27001 certification
It covers implementation methodology, steps for installation, the top 10 non-conformances, the audit process, and what happens during a certification audit.

7. Risk assessment
It covers the risk assessment of ISMS ISO 27001: what risk assessment is and the objective of risk assessment.

8. ISMS controls and control objectives as per ISO 27002 (Annexure A)
It covers the Information Security Management Systems controls and control objectives as per ISO 27002 (Annexure A). The description is helpful for users to understand it.

9. Information Security management
It covers all information about Information Security Management in more than 50 PPT slides, with all critical aspects of ISMS like risk assessment, treatment etc.

10. Information security controls as per BS 7799-2 with pictures
It covers the overview, information security policy, internal organisation tasks of ISM Forum, asset management and asset inventory, personnel security, security areas, operational processes, access administration and control, system development and maintenance, application security, business continuity management, compliance issues and establishing the ISMS. In many places a pictorial presentation is also given for better understanding by users.

This part comprises more than 360 PPT presentations, each pleasingly presented and designed to get the message across and establish a much better understanding. It also describes how to tackle the subject and drills down into all these topics. No voice is included in the presentation, and the user can edit it to suit his requirements in local languages.


2. A trainer's guide and hand outs and editable form to understand ISMS subject well:
This topic covers a write-up for ready reference, which the participant can read to gain in-depth knowledge of the subject. It is given in Word. You may also use it for further reading and circulation within the audience.

Chapter No. and SECTION:

1. Overview of Security Management Standard (ISO 27001:2013)
2. ISO 27001 requirements
3. Assets Lists
4. ISO 27001:2013 certification methodology
5. Approach Paper for ISMS Implementation
6. Risk assessment and risk management
7. Information Security Management System Audit
8. Information Security Management System Audit reports
9. Work shops: Work Shop-1, Work Shop-2 (a),(b),(c), Work Shop-3, Work Shop-4, Work Shop-5
10. Case Study – 1, Case Study – 2

3. Work-shops and case studies to evaluate effectiveness of training (6 workshops & 2 case study):
This topic covers workshops and case studies to evaluate the effectiveness of training. Each participant needs to solve these workshops and case studies after undergoing the training. After successful completion of the workshops and case studies, the ISO 27001 internal auditor training certificate is given.
Total workshop: 6
Case study: 2

4. ISMS ready to use audit checklist and questions (More than 600 audit questions):-

This topic covers ISO/IEC 27001:2013, BS 7799-2 controls and Annexure A control related audit checklist and questions. It also includes questions for good system implementation and is a ready tool kit that helps the ISMS auditor to be an effective auditor.
a. ISO 27001-2013 requirement wise audit checklist
b. ISO 27001 controls audit checklist
c. BS 7799 – Good practices audit checklist

5. Sample copy of ISO/IEC 27001:2013 audit forms and templates to maintain ISO/IEC 27001:2013 audit records (3 forms):
This topic covers ISO/IEC 27001:2013 audit forms and templates to maintain ISO/IEC 27001:2013 audit records.
a. Audit plan/Programme
b. Internal ISMS audit non conformity report
c. ISO 27001-2013 Audit checklist report (clause wise)

6. Sample copy of certified ISO/IEC 27001:2013 auditor training certificate:-

The sample copy of the certified internal auditor certificate is given in editable Word form. After successful completion of the workshops and case study, the ISO 27001-2013 auditor training certificate can be given to the trained internal auditor.


Chapter-2.0 ABOUT COMPANY

Global Manager Group is a progressive company promoted by a group of qualified engineers and management graduates having rich experience of 20 years in ISO consultancy and management areas. The company serves global customers through on-site and off-site modes of service delivery. We offer a full range of consulting services geared towards helping all types of organizations to achieve competitiveness, certifications and compliance to international standards and regulations. So far we have had more than 1200 clients in more than 45 countries.

Our readymade training and editable document kit helps clients prepare their documents easily and comply with the related standard faster, with the establishment of best processes. It helps the organization to build the best system with process improvement concepts, and to get the best performance in terms of reduction in cost and effort and getting things done on time with a quality product. Thus it gives the organization full value for money, and the payback of our product is less than 2 months.

1. Our promoters and engineers have experience of more than 1200 companies globally for management training, ISO consultancy, process improvement concept implementation and ISO series consultancy. We have had clients in more than 45 countries.
2. Highly qualified team of 40 members (M.B.A., degree engineers), and the owner has rich professional experience (since 1991).
3. We have a 100% success rate for our clients' global standards certification, including ISO, from reputed certifying bodies, and a branded image and leading name in the market.
4. We suggest continual improvement and cost reduction measures, and our highly informative training presentations and other products give payback within 2 months against our cost.
5. So far more than 50000 employees have been trained by us in ISO series certification in the last 20 years.
6. We have spent more than 60000 man-days (170 man years) in preparing ISO documents and training slides.
7. Our product gives a lot of opportunity for process improvements and gives full benefits to the users.

Global Manager Group is committed for:

1. Personal involvement & commitment from first day
2. Optimum charges
3. Professional approach
4. Hard work and update the knowledge of team members
5. Strengthening clients by system establishment and providing best training materials in any areas of management to make their house in proper manner
6. To establish strong internal control with the help of system and use of the latest management techniques


Chapter-3.0 USER FUNCTION

3.1 Hardware and Software Requirements

A. Hardware:

• Our document kit performs best on P3 and above computers with a minimum of 10 GB hard disk space.
• For better visual impact of the PowerPoint document, you may keep the colour image setting at high colour.

B. Software used in Document kit

• Hand-outs are written in Word 2003 and 2007 on Windows XP, and the presentation is made in PowerPoint; you are therefore required to have Office 2003 and Office 2007.

3.2 Features of Document kit:-

• It will save much time in typing and preparation of the presentation alone.
• Written in plain English.
• Easily customized by you, for example by adding audio clips in the local language, to prepare the presentation for any other groups; the user can easily customize it for own use.
• Good guide for training of all the group members for ISO 27001:2013 awareness and auditor training.
• User-friendly and easy to learn.
• Developed under the guidance of experienced experts.


Chapter-4.0 WHAT ARE THE BENEFITS OF IMPLEMENTING ISMS AS PER ISO 27001:2013?

Implementation of a proper Information Security Management System as per the requirements of the ISO 27001:2013 standard helps an organization to design and formulate its specific set of security requirements and desired objectives. Organizations can use this standard to provide relevant information about information security policies, directives, standards and procedures to their trading partners as well as any other organization that they interact with for operational or commercial purposes. ISO 27001:2013 guidelines provide a comprehensive model for information security management systems that can make any company competitive. Some of the many advantages of the ISO 27001:2013 standard are as follows:

• Lower expenses – through avoided risks
• Increase information security level within the organization
• Enhance the knowledge and importance of security-related issues at all levels and improve information security controls
• Improved visibility into your information security program & better security awareness
• Enhancement of client and partner confidence & perception of your organization
• Better alignment within your organization
• Assists in the development of best information security practice



Punyam Management Services Pvt. Ltd.

Copy # 81 copyright @ Global Manager Group; E-mail: sales@globalmanagergroup.com Copyrights 2013 @ I Global Manager Group | sales@globalmanagergroup.com |



IS - Management system

[Diagram. Labels: IS-Policy, Scope, Risk Analysis, Potential Effects, Selection of Measures, Implement Measures, Control, Effectiveness]


Requirements of Standards as per ISO/IEC 27001-2013

4 Context of the Organization

5 Leadership
• Leadership and commitment
• Policy
• Roles, responsibility & authority

6 Planning
• Actions, risks and opportunity
• IS Objectives & Planning

7 Support
• Resources
• Competence
• Awareness
• Communication
• Documented information

8 Operation
• Operation Planning & control
• IS risk assessment
• IS risk treatment

9 Performance
• Monitoring, measurement, analysis and evaluation
• Internal audit
• Management review

10 Improvement


5.2 Policy

Establish an information security policy:

• Appropriate to the purpose of the organization
• Includes information security objectives
• Provide the framework for setting information security objectives
• Includes a commitment to satisfy applicable requirements
• Includes a commitment to continual improvement for ISMS
• Communicate within the organization
• Provide to interested parties, as appropriate

The information security policy is documented and kept in ISMS manual


Management Obligations

● Approve the ISMS Policy
● Ensure that security goals and Objectives are included in planning.
● Setup IS related positions and assign roles, responsibilities and authorities
● Conduct IS Marketing within the organisation
● Ensure that enough resources are present to operate and enhance the ISMS
● Define levels of risk acceptance
● Trigger / Execute ISMS reviews


ISMS PROCEDURE

NAME OF THE COMPANY
Department
Procedure No. : PRO/OO/XY
Issue No. : 1.0
Date : DD-MM-YY

1.0 PURPOSE : Give Statement of the Specific Purpose of the Procedure to Know Why This Procedure Is Being Followed.
2.0 SCOPE : Mention the Department and the Area of Personnel Where the Procedure Applies.
3.0 RESPONSIBILITY : Write Down Responsibility for Different Level of Persons for Different Activities Mention in This Procedure.
4.0 DESCRIPTION OF ACTIVITIES : This Section Should Contain Details of the Activities Step by Step With Sub Title of Paragraphs and the Action to Be Taken. They Contain How the Actions Will Be Taken.
5.0 REFERENCE : Give Reference of Internal and External Documents Used in Procedure
6.0 ENCLOSURES : List Out Any Tables or Flowcharts Enclosed With the Procedure As a Part of Procedure.
7.0 FORMATS / EXHIBITS : List Out Them in Proper Manner.

Originator
Approved By
Signature
Page Of


Device Protection

[Diagram. Labels: Maintenance Contracts, Mobile Devices, Secure Cabling, Recycling or Reuse, UPS]


Media Security

• Corporation Specific Definition of Media
• Media Disposal
• Erase
• Secure storage and transport, according to classification of data contained
• Formal procedure for media disposal
• Coordination of Activity (internal, external partners)
• Storage of media according to manufacturer's specifications
• Labeling of media


Information Security Technologies

• Firewalls
• User account administration
• Intrusion detection and intrusion prevention
• Antivirus
• Public key infrastructure (PKI)
• Secure Sockets Layer (SSL)
• Single sign-on (SSO)
• Biometrics
• Encryption
• Privacy compliance
• Remote access
• Digital signature
• Electronic data interchange (EDI) and electronic funds transfer (EFT)
• Virtual private networks (VPNs)
• Forensics
• Monitoring technologies


STEPS FOR INSTALLATION OF ISO:27001-2013 INFORMATION SECURITY MANAGEMENT SYSTEM

► Conduct ISO:27001 awareness program (top + middle + bottom level).
► Form a steering committee and task force for documentation
► Identification of All Possible INFORMATION SECURITY risks to the company.
► Establish risk assessment study and make risk treatment plan
► Define Information Security Policy, Objectives and Targets.
► Prepare documents of INFORMATION SECURITY management system, Records, Legal Requirements.
► Train all for Information Security Management system for achieving Objectives & Targets.
► Communication to all including Suppliers and Interested parties.
► Implementation & train all personnel in the use of procedures & formats.
► Preparation and Implementation of system to establish system for ISMS controls.
► Train internal auditors.
► Assess the system through first internal audit.
► Take corrective actions for non-conformities.
► Apply for certification.
► Assess the system through second round of internal audit.
► Avail onsite document adequacy audit of certifying body.
► Take actions on suggestions given by them
► Final audit by certifying body.


Chapter-5.0 BENEFITS OF USING OUR PRESENTATION KIT

• By using these slides, you can save a lot of your precious time while preparing the ISO 27001:2013 awareness training course materials for in-house training programs.
• To provide you with the presentation materials and hand-outs that you need for an effective presentation on ISO 27001:2013 awareness training, what it is, and what it requires.
• Present the basics of ISO 27001:2013 awareness training to management or other groups.
• To deliver ISO 27001:2013 awareness training in a group, using a PowerPoint presentation.
• Takes care of all the sections and sub-sections of ISO 27001:2013 awareness training, gives better understanding at all levels during ISO 27001:2013 awareness training implementation, and sharpens the awareness of ISO 27001:2013 awareness training requirements for all employees within the organization.

Visit our website for more ISO Auditor Training kits: https://www.globalmanagergroup.com/Eshop
