Information technology - Security techniques - Information security management system implementation guidance (ISO/IEC 27003:2010, IDT)
This Malaysian Standard is to focuses on the critical aspects needed for successful design and implementation of an Information Security Management System (ISMS) in accordance with MS ISO/IEC 27001. It describes the process of ISMS specification and design from inception to the production of implementation plans. It describes the process of obtaining management approval to implementing ISMS by defining ISMS scope, boundaries and policy. Followed by conducting information security requirements analysis, risk assessment and establishment of risk treatment plan.
This document provides more elaborated explanation on the approach of defining the scope of ISMS, which complements ISO/IEC 27001.
Published
• (none) / (none) / (none)
PDF
03/05/2019
79
NSC 07 - Information Technology, Communications & Multimedia
