Information Security Management: Understanding ISO 17799 - GTA

More documents

Recommendations

Info

Information System Security OfficerAn Information System Security Officer should be identified, appointed, and empowered. A formal jobdescription defines the Information System Security Officer’s principal duties, which include:Lead the Management Security ForumLead the Incident Response TeamPrepare Management Security Forum security briefsRecord and resolve security incidentsMaintain ISMSEstablish and review the Security Risk AssessmentSelect controls and risk mitigationMaintain the Statement of ApplicabilityMonitor ongoing compliance with security standardsEstablish and maintain contacts with external security resourcesEvaluate changes in asset base and resultant security implicationsConsult and advise on general information security issuesSecurity ManagementThe Management Security Forum consists of the Chief Information Officer, Engineering Manager, NOC orData Center Manager, and the Information System Security Officer. Other members are included asrequired.Management Security Forum duties include:Provide ongoing management support to the security processServe as an alternative channel for discussion of security issuesDevelop security objectives, strategies, and policiesDiscuss status of security initiativesObtain and review security briefings from the Information System Security OfficerReview security incident reports and resolutionsFormulate risk management thresholds and assurance requirementsYearly review and approval of the Information Security PolicyYearly review and approval of the ISMSSecurity ResponseIncident Response Team – formed to create and carry out an Incident Response Plan. The team shouldinclude diverse skill sets covering all aspects of an organization’s Information Processing Systems. Toolsare procured, members trained, and rosters established. The team is chartered with the Incident Responsemission to:Prepare for an incidentIdentify an incidentContain the incidentInfo Security Mgmt.: ISO 17799 October 2001 INS Whitepaper • 12
Eradicate the intruderRecover from the intrusionLearn from the incidentMethodologies include processes to:Identify, escalate, and de-escalate security eventsAssess organizational securityMaintain organizational securityExternal Liaisons- established with local law enforcement agencies, as well as with legal and publicrelations entities.Security MaintenanceExploit Tracking - qualified specialists in different organizational networking elements are tasked withtracking relevant exploits and reporting information of concern to the Information System Security Officer.Change Control Board – chartered and empowered to manage change. The change control process includeschange submission request and evaluation, as well as recovery and back-out procedures. In addition, aDocument Control plan is initiated to control the ISMS documentation.Security InfrastructurePolicies – established to express conceptual information security organizational goals in the InformationSecurity Policy.Standards – established to support implementation of Information Security Policy. Standards can address:Personnel securityEmployee conductData classificationData labelingData handlingData transmissionData encryptionVPNsData recoveryData routingAccess controlFirewall standardNetwork securityNetwork applicationData switchingLoggingAsset managementAlarmPhysical securityInfo Security Mgmt.: ISO 17799 October 2001 INS Whitepaper • 13
Page 1 and 2: The knowledgebehind the network. ®
Page 3 and 4: BackgroundISO 17799 is a direct des
Page 6 and 7: Communications and Operations Manag
Page 8 and 9: ComplianceCompliance control addres
Page 10 and 11: Step 6: Select and Implement Contro
Page 14 and 15: Security maintenanceGuidelines - es
Page 16 and 17: Figure 5: Risk ScaleRisk calculatio
Page 18: We expect to see an ever-increasing

Information Security Management: Understanding ISO 17799 - GTA

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?