2. Creation of ISMS (Security policy, procedures and Guidelines)
- Information Security Management Systems (ISMS) creation means creation of a set of policies, procedures and guidelines for information security management. A robust and strong ISMS is a pre-requisite for obtaining ISO 27001 certification. ISMS consists of the following components :
- Organizing Information Security
- Asset Management
- Human Resources Security
- Physical & Environmental Security
- Communication & Operations Management
- Access Control
- Information Systems- Acquisition, Development and Maintenance
- Information Security Incident Management
- Business Continuity Management
- Compliance