Follow the guided path. We suggest the steps to take in developing an ISO 27001 information security management system. Clear, schematic examples show you how to apply the controls in Annex A of the Standard.
If you want to create and certify the ISO 27001:2017 information security management system for your company or for one of your customers, follow the path we show you:
Step 1: Provide the structure to the management system
The articles in the guide will show you:
- How to Develop the Context in 27001 for Information Security
- Who threatens the security of information in the company. The dangers for information in 27001
- How to assess information security risks in the company pursuant to 27001
- How to plan information security under ISO 27001:2017
- How to manage information security in ISO 27001:2017 management system processes
Step 2: Document management system processes
The articles in the guide will show you:
- How to Create Asset Inventory in ISO 27001 Information Security Management System
- How to manage information security through human resource management under ISO 27001:2017
- The training of personnel for information security in the company. How to develop the training process for ISO 27001:2017
- How to institute a disciplinary process against personnel who have committed an information security breach
- How to establish information security monitoring in the company according to ISO 27001:2017
Step 3: Integrate Annex A controls into business processes
The articles in the guide will show you:
- How to document the Information Security Policy in ISO 27001:2017 and the security policies related to Annex A controls.
- How to develop Control 6 Annex A Information Security Organization, in accordance with ISO 27001:2017
- How to implement access control for the ISO 27001:2017 system according to the controls of Annex A, point 9
- How to implement encryption controls in 27001 according to Annex A
- Physical protections for information security and operational security. How to develop the controls, according to ISO 27001:2017, provided for in Annex A
- Information security in network communication and in the company information system in accordance with ISO 27001:2017 and the controls of Annex A
- Information security incidents and business continuity in ISO 27001:2017 and Annex A controls
After developing the system and completing the audits required by the Standard, you can request certification from accredited bodies, pursuant to ISO/IEC 27001:2017.
Winple.com, which specializes in management systems, offers these technical contents to encourage companies to build a management system that complies with the standard and, above all, is genuinely effective.
The suggestions and examples in the technical articles all aim at the concrete applicability of the system to the company's reality. The contents of the management system that Winple invites you to develop must be clear to the users of the documents. The details they contain must be precise and expressed concisely enough to be immediately applicable.