(Past Event)

ISO 27000 - A Basis for Business Security Strategies

"ISO27001 is a useful tool in setting up a security strategy. It is not prescriptive, and can be adapted. Many organisations do not seek certification, but rather use a cut down version that meets the organisation's security objectives."
Security Strategy and Policy Reality Checker, July 2011

Output

Summary

The recent tISS Security Strategy and Policy Reality Checker revealed that the majority of Forum members use the ISO 27000 series of Information Security Standards as a basis or guideline for their approach to corporate security.

Though relatively few responding organisations were ISO 27000 certified, many were currently either working towards this (over 60%), or following the best practice offered (over 70%). Additionally, there is considerable interest in how businesses are managing to 'push', or enforce, compliance across suppliers and partners.

This workshop will enable members to share their adoption - and adaptation - journeys and experiences; find out what modifications have been made, why and how; and justify why certification is the right route for some, impractical for others.

Note: References to ISO 27000 are intended to cover the series of information security standards.

Speakers

Bupa

Allen & Overy

Objectives

To share knowledge and learn from the experience of corporate IT peers in achieving certification with ISO 27000, or in the potential application of ISO 27000 in their organisation.

Who should attend

Senior IT professionals with a responsibility for, or interest in, ISO 27000 and the success of security strategies in corporate IT.

Agenda

The final agenda will be developed through consultation amongst delegates - provisional discussion areas include:
  • Identifying and prioritising elements of ISO 27000 for your business. How do you establish the case for return on investment?
  • Tailoring to align with business needs and requirements
  • To certify, or adopt as best practice
  • Successful advocation of ISO 27000 across partners and suppliers
  • Maintaining compliance

"The Corporate IT Forum is a fantastic level check, free of vendor sell and consultancy hype. I like the open sharing of experience…"

"We get valuable knowledge and experience from members of The Corporate IT Forum. This helps us to make better and informed decisions to reach our business goals…"

"The knowledge from other people on what they are doing/have done is invaluable to my team"

"The workshop validated the marketplace for supplier apps; participants were of a uniformly high standard; personally, I value highly the ethos of the Forum in the fact that it is supplier independent"

Tel: +44 (0) 1442 866634
info@corporateITforum.com

Related Content

  • Enabling Secure Access (Workshop Sep 2013)
  • Cloud: Computing & Services Trends 2013 (Reality Checker May 2013)
  • Unified Threat Management (Q&A Mar 2013)
  • Cloud Computing in the Real World (Report Dec 2012)
  • tISS: Security Strategies & Metrics (Reality Checker Nov 2012)
  • Disruptive Cloud & Consumerisation Technologies (Report Oct 2012)
  • tISS: Security Policy Development (Report Aug 2012)
  • tISS: Anomalous Behaviour Monitoring (Report May 2012)
  • ISO 27000 - A Basis for Business Security Strategies (Report Mar 2012)
  • Cloud Computing In 2012 (Reality Checker Feb 2012)
  • Service Management Maturity 2011 (Reality Checker Oct 2011)
  • The CISO Role (Q&A Aug 2011)
  • Business Process Management Systems (Q&A Jun 2011)
  • Enterprise Architecture Frameworks (Reality Checker Nov 2010)
  • Google Messaging: Postini (Q&A Jun 2008)
  • Risk Assessments and Classifications for Data Security (Q&A Jan 2008)