ISO 27001-2013 (Chinese)

Ming Chiang

on 7 October 2014

Transcript of ISO 27001-2013 (Chinese)

ISO 27001-2013
Stakeholder Analysis Table
Risk Assessment 2/2
Risk Assessment 1/2
By Mingo Chiang
1. Purpose of ISO27001
1.1 How to Protect Information
1.1.1 List of Controls
1.2 ISO 27001 Benefits
2. Introduction
3. Leadership
3.1 Leadership and Commitment
3.2 Policy
3.3 Organizational Roles, Responsibilities and Authorities
4. Planning
4.1 Actions to Address Risk and Opportunities
4.2 Information Security Risk Assessment
4.3 Information Security Risk Treatment
4.4 Information Security Objectives and Planning to Achieve Them

3. Leadership
4. Planning
5. Support
6. Operation
7. Performance Evaluation
8. Improvement
5. Support
5.1 Resources
5.2 Competence
5.3 Awareness
5.4 Communication
5.5 Documented Information
5.5.1 Creating and Updating
5.5.2 Control of Documented Information
6. Operation
6.1 Operation Planning and Control
6.2 Information Security Risk Assessment
6.3 Information Security Risk Treatment
7. Performance Evaluation
7.1 Monitoring, Measurement, Analysis and Evaluation
7.2 Internal Audit
7.3 Management Review
8. Improvement
8.1 Non-conformity and Corrective Action
8.2 Continual Improvement