InfoSecMinds

For like-minded people

Archive for October, 2008

ISMS Implementation – The bottom-Up approach

Oct 23

Posted by Vinod Puthuseeri in ISO 27001:2005, Information Security | 1 Comment

All the while we have been hearing and believing that ISMS implementation in any organization requires management approval without which it would be a failure. True!!!

For any project in an organization for that matter, management approvals are a must cause for a project to kick-start and complete with desired results, requires resources, budget, tools etc. These can be achieved only if the project manager shows the management that there is value created by doing this project which could favor the organization. The value could be of many ways which ultimately boils down to making profits or avoiding monetary/image loss.

Read the rest of this entry »

Tags: , ,

Vulnerability Management Program

Oct 10

Posted by Praveen Reddy in Information Security | 2 Comments

Introduction

It is quite obvious that, every organization want to serve its clients with out any interruptions. If not handled properly, sometimes, presence of a small vulnerability in a system or in the network may lead to interruption of the services offerings to clients. This may result in losing the trust of clients or loss of revenue.

Vulnerability assessment is a simple process of identifying and reporting vulnerabilities.

It provides a way to detect and resolve security problems before someone or something can exploit them. By conducting periodic vulnerability assessments, management could validate the security measures they have deployed.

Read the rest of this entry »

Tags: , , , , , , ,