Establishment and management of the ISMS" phase
ISO 27001: Information Security Management Systems

Add to my library

G9062 V2 Article

Establishment and management of the ISMS" phase


ISO 27001: Information Security Management Systems

Author : Gilles TENEAU

Publication date: April 10, 2018 | Lire en français

Add to my library Add to my library

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

2. Establishment and management of the ISMS" phase

2.1 Determining scope and policy

ISMS planning involves defining the scope and limits of the organization's activity (its location, assets, technologies). The scope of the ISMS thus includes :

  • the general orientation of the WSIS and the principles of action of the information security policy ;

  • requirements linked to the organization's activity and its legal and regulatory constraints (for example: confidentiality and secrecy of customer information in the banking sector);

  • the ISMS must be linked to the company's overall risk management logic (strategic and global risk management), operating on the basis of precise risk assessment criteria and having been approved by...

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?


Ongoing reading
Establishment and management of the ISMS" phase

Article included in this offer

"Environment"

( 516 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details

Dans les ressources documentaires

EBIOS RM - Une méthode conforme aux exigences de cybersécurité

Souvent dénigrée à cause de sa complexité de mise en œuvre, nous pensons qu’il convenait de briser de fau...

Lutte contre la contrefaçon - Authentification et traçabilité

Dans le domaine de la propriété intellectuelle, est considéré comme contrefaçon tout produit copié alors ...

Normes ISO 2700x : vers la gouvernance de la sécurité des systèmes d’information

A la fin des années 1990, le British Standard Institution publie un document qui précise les exigences de...

Sécurité de l’information, cybersécurité et protection des données de vie privée - NF EN ISO/IEC 27001 : 2023

La sécurité de l'information fait partie du périmètre de la normalisation (ISO et AFNOR). À savoir les no...

Tous les livres blancs
Toutes les actualités
Contact us