ISO 27001 Policies - PowerPoint PPT Presentation


About This Presentation

Slides: 4
Provided by: Username withheld or not provided


Transcript and Presenter's Notes

Title: ISO 27001 Policies

Indicative List of Policies to be framed for ISO
  • The organization should define information security
    related policies that are approved by management
    and set the organization's approach to managing
    its information security objectives.
  • a) Business strategy, b) contracts, regulations
    and legislation, and c) the security threat
    environment are the sources of requirements that
    information security policies should address.
  • What should the information security policy cover?
  • Definition of Information security, objectives
    and principles to direct all activities related
    to information security
  • Assignment of responsibilities of Information
    Security management to defined roles
  • Processes of handling non-conformities and

Indicative List of policies
  • Information Security
  • Access control
  • Information classification and handling
  • Physical and environmental security
  • Acceptable use of assets
  • Clear Desk and clear screen
  • Information Transfer
  • Mobile device and teleworking
  • Restriction on software installations and use
  • Back-up
  • Protection from malware
  • Management of technical vulnerabilities
  • Cryptographic controls
  • Communication security
  • Privacy and protection of personally identifiable
  • Supplier relationships
  • These policies should be communicated to relevant
    internal and external stakeholders in the context of
    information security awareness.