Establishment and management of the ISMS" phase
ISO 27001: Information Security Management Systems
Article REF: G9062 V2
Establishment and management of the ISMS" phase
ISO 27001: Information Security Management Systems

Author : Gilles TENEAU

Publication date: April 10, 2018 | Lire en français

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

2. Establishment and management of the ISMS" phase

2.1 Determining scope and policy

ISMS planning involves defining the scope and limits of the organization's activity (its location, assets, technologies). The scope of the ISMS thus includes :

  • the general orientation of the WSIS and the principles of action of the information security policy ;

  • requirements linked to the organization's activity and its legal and regulatory constraints (for example: confidentiality and secrecy of customer information in the banking sector);

  • the ISMS must be linked to the company's overall risk management logic (strategic and global risk management), operating on the basis of precise risk assessment criteria and having been approved by...

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?

Ongoing reading
Establishment and management of the ISMS" phase

Article included in this offer

"Environment"

( 515 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details
Contact us
Contact our team FAQ