Mr. Ahmed Obaid: The CEO Guide to implement ISO 27001


Upload: qualitysummit

Post on 22-Jan-2015


TRANSCRIPT

  • 1. ISO 27001: The CEO Guide to implement ISO 27001
  • 2. ISO 27001, ISO 27002, ISO 27001, ISO 27001, ISO 9001
  • 3. Information can be: Stolen, Entered, Created, Lost, Stored, Processed, Destroyed, Corrupted
  • 4. Information Assets
  • 5. Information
  • 6. What is Information? Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected. Ref: ISO/IEC 17799:2005
  • 7. Criteria of Information Security. Confidentiality | Information Security | Availability | Integrity
  • 8. People, Processes, Technology
  • 9. Processes, Technology, People
  • 10. Information Security Management system. Tangible assets | Intangible assets. Confidentiality | Integrity | Availability. People, Processes, Technology. Plan | Do | Check | Act. ISO 27002, Code of Practice For Information Security Management. ISO 27001, Information Security Management Systems Requirement. These standards are accepted as industry best practices
  • 11. ISO 27001
  • 12. ISO 27001
  • 13. ISO 27001 Statement of applicability
  • 14. ISO 27001 Statement of applicability
  • 15. Military: Top Secret. Secret. Confidential. Sensitive. Unclassified. Commercial: Confidential. Private. Sensitive. Public.
  • 16. ISO 27001 Statement of applicability
  • 17. ISO 27001
  • 18. ISO 27002, ISO 27001, ISO 27002, ISO 27001, Control, ISO 27001
  • 19. Technical Proposal, Implementation Methodology, Training Process, Project Documents
  • 20. ISO 27001
  • 21. ISO 27001
  • 22. ISO 27001
  • 23. ISO 9001, ISO 27001
  • 24. Conclusion: ISO 27001
  • 25. Questions & Answers
  • 26. IT GOVERNANCE, A Manager's Guide to Data Security and ISO 27001/ISO 27002, 4th edition, Alan Calder & Steve Watkins. Effectively Managing Information Security Risk, A guide for executives, Citadel Information Group, Inc., January, 2007. http://iso27001standard.com.