null
US
Entrar
Registre-se gratuitamente
Registre-se
Detectamos que o JavaScript não está habilitado no teu navegador. Habilite o Javascript para o funcionamento correto do nosso site. Por favor, leia os
Termos e Condições
para mais informações.
Próximo
Copiar e Editar
Você deve estar logado para concluir esta ação!
Inscreva-se gratuitamente
39473
Security Mgt U3, BS7799 (Part 1)
Descrição
IYM001 Mapa Mental sobre Security Mgt U3, BS7799 (Part 1), criado por jjanesko em 06-04-2013.
Sem etiquetas
iym001
iym001
Mapa Mental por
jjanesko
, atualizado more than 1 year ago
Mais
Menos
Criado por
jjanesko
mais de 11 anos atrás
145
20
0
Resumo de Recurso
Security Mgt U3, BS7799 (Part 1)
BS7799 (ISO 17799)
originally published as a code of practice
standards for information security management
outlines risk analysis and management
don't have to certify whole business
foundations of BS7799 (image)
Anotações:
[Image: https://lh6.googleusercontent.com/-f6Kk9fXgL-s/UV_a5iweR8I/AAAAAAAAAck/g0rFxMeOSJo/s600/triangle+of+bs7799.png]
why?
develop best practice
helps realize security policy
value proposition
propmise of value to be deliverd and belief of customer in that value
introduce benchmark standards
builds business confidence
international standard
easy and flexible architecture
provide secuity
# of apps and complexity growing
information theft
motivations: COMIC
Commercial
someone gets commercial advantage by using or blocking our information
Opportunist
people happen upon bad security controls and suddenly have opportunity
Monetary
someone is paid to steal or attack
Idealist
hacktivist
can-do
they do it just because they can
CIA
confidentiality
integrity
availability
legislation
human rights act
computer misuse act
covers unauthorized
viewing
copying
modification
computer design and patent act
regulation of investagatory powers act
FAST: federation against software theft
Anotações:
http://www.fastiis.org/
Protect your IP (intellectual property)
If you do not demonstrate that you had the appropriate controls in place, you will lose a case in court.
critical success factors
KPIs (key performance indicators)
policies, objectives, activities that reflect business objectives
appropriate resources
consistency with business culture
visible commitment from management
effective awareness, education and training
distribution to all employees, partners and suppliers
controls
key controls
info sec policy
info sec education and training
security incident reporting
virus controls
business continuity planning (BCP)
software copying control
company record safegarding
data protection compliance
compliance with security policy
selection
identify business objectives
identify business strategy
identify controls relative to risk
with risk, don't forget areas of inpact such as reputation and customer confidence
Quer criar seus próprios
Mapas Mentais
gratuitos
com a GoConqr?
Saiba mais
.
Semelhante
Security Mgt, ISO 27001, PDCA
jjanesko
Exemplary Assignment Answers
jjanesko
Security Mgt, Flashcards for ISO 27000 series
jjanesko
Security Mgt U3, BS7799 (Part 2)
jjanesko
Security Mgt U5, risk analysis and mgt (part 1)
jjanesko
Security Mgt U5, Risk Analysis Methods and Tools (image)
jjanesko
Security Mgt U5, quantitative risk assessment forumula (image)
jjanesko
Security Mgt U5, risk analysis & mgt (part 2)
jjanesko
Security Mgt U8, Information Assurance
jjanesko
Security Mgt U8, Incident Recovery Image
jjanesko
Security Mgt U10, world class security infrastructure
jjanesko
Explore a Biblioteca