Join this webinar to learn the IT Risk and Control Concept, which aims to improve an organization’s information security and cybersecurity. One goal is also that in more clear and organized context decision makers can make more informed, and presumably better, decisions.
The IT Risk and Control Concept links together roles, profiles, methods, standards and processes.
In the webinar Concept’s integrations are explained from three perspectives:
- Integration of different management systems:
- IT Service Management System (ITSMS based on ISO 20000 standard)
- Information Security Management System (ISMS based on ISO 27001 standard)
- and Business Continuity Management System (BCMS based on ISO 22301 standard)
- Integration of different practices:
- Information Security Risk Management (ISRM based on ISO 27005 standard)
- Information Security Controls implementation (based on ISO 27002 standard)
- Cybersecurity Management (CSMS based on ISO 27032 standard)
- Cloud Security Management (based on ISO 27017)
- and Information Security Incident Management (ISIM based on ISO 27035 standard) to support the ISMS implementation.
- Auditor’s approach to implementations
Certifying training courses for IT-assurance: