Introduction to ISMS Implementation
Providing Services and Technology Solutions for the security of Information Systems since 1993
Definition of procedures and controls
The definition of procedures and controls is one of the key features in establishing an IT management model or information security management system (ISMS). These involve different methodologies or standards to suit each client’s particular needs. The most widely used are CObIT, ITIL and ISO-27000. A proper structural arrangement of documents, by means of policies, procedures and guides, helps to make any organization’s information systems more manageable, bringing ICTs and security into line with its overall goals.
Definition of Security Dashboards and Indicators
The dashboard is a security-operation and -management tool or methodology that reflects an organization’s current situation, action planning and progress made in pursuit of its objectives. For this purpose the dashboard reflects different security aspects, working from automated or manual data processed for ease of interpretation according to the given definition of metrics and indicators. This information is stored and compared over time to keep a track of the progress being made in terms of security and the management system itself.
GMV has a wealth of experience and expertise in establishing and certifying various management systems, such as those based on the standards ISO 22301, ISO 27001 and ISO 20000. Specialist and experienced advice is vital when setting up and certifying a management system. This experienced input helps you find out and weigh up beforehand all possible options for solving particular problems, boosting efficiency of the eventual solution and cutting implementation and certification costs.