Training: Stepping Toward Information Systems Security under the ISO 27001 Standard
Course code: 21385
This seminar has already taken place.
(If it is held again, you will be given priority.)
The international standard ISO/IEC 27001 provides a framework for organizations to implement 'best practices' in Information Security Management. The ISO standard is quite high-level and generic, and in most cases it does not provide practical solutions. This course fills that gap by providing more examples from real-life cases.
Course outline
- Background of ISO 17799/27001
- Security policy
- Security organization
- Asset classification & control
- Personnel security
  - Personnel screening
  - Confidentiality agreements
- Physical & environmental security
- Communication & operation management
  - Change control
  - Segregation of duties
  - Housekeeping (backups, operator logs)
- Access control
  - User registration
  - Privilege management
  - Password management (including quality/strong passwords)
- System development & maintenance
- Information security incident management
- Business continuity management
  - Business impact analysis
- Compliance
- ISO Implementation Risks and Success Factors