Auditing Information Security Using ISO 27001

Why Should You Attend:

Protecting your organization's information is critical for the successful management and smooth operation of your organization. Utilizing ISO/IEC 27001 information security management systems aid your organization in managing and protecting your valuable data and information assets. ISO 27001 not only helps to keep your confidential information secure but also provides customers and stakeholders with a confidence in your risk management system while ensuring you are meeting legal obligations.

Attend this session by our expert speaker, Dr. Michael C. Redmond, and learn to audit ISO 27001 and Inforation/Cyber Security. . Michael will help your organization to manage the security of the assets such as intellectual property, financial information, information or employee details entrusted to you by third parties through an effective auditing program that audits controls associated with the ISO 27001 standard. This session will enable you to gain knowledge on the implementation of ISO 27001 in your organization and better audit information security management.

Learning Objectives:

• Ways to fit ISO 27001 in your information security management system
• ISO 27000 standards family - for what purpose should each standard be used
• Implementation Tips- costs involved, hiring a consultant, how long does it take, using tools
• Important benefits and the ways to present them to management
• Documentation required by the standard
• Benefits of ISO 27001 implementation
• Auditing ISO 27001 in your organization
• ISMS implementation framework
• Key elements of ISO 27001
• Get an overview of audit of implementation strategy

Areas Covered in the Webinar:

• Risk assessment
• Security policy
• Organization of information security
• Asset management
• Human resources security
• Physical and environmental security
• Communications and operations management
• Access control
• Information systems acquisition, development and maintenance
• Information security incident management
• Business continuity management
• Compliance

Who Will Benefit:

• Security Planners
• CEOs
• CIOs
• CFOs
• CTOs
• COOs
• Technology Managers
• Compliance
• Auditors
• All Large Corporations
• ISSA
• ISACA
• Association of Contingency Planners
• Audit Associations
• Internal Auditors Association
• Continuity Planners
• Business Continuity Planners
• Disaster Recovery Continuity Planners
• Risk Managers and Internal Auditor

Michael C Redmond
CEO and Lead Consultant, Redmond Worldwide

Dr. Michael C. Redmond, PhD is Consultant, Speaker and Author. Her certifications Include: MBCP, FBCI, PMP, CEM ISO 27001 Lead Implementer and Lead Auditor, as well as many other ISO certifications.

Michael also conducts ISO Certification Implementation and Audit Training for PECB. Michael is the Chapter President for Association of Contingency Planners Eastern Great Lake Chapter and an active member of ISSA.

She has consulted in the area of Cyber Security for clients in the arenas of Healthcare, Insurance, Financial and Manufacturing. Her projects have included:

• SIEM Security information and event management which is Combining software products and services combining security information management (SIM) and security event management (SEM)
• (CSIRT) which is Cyber Security Incident Response Programs, Plans, Playbooks, Training and Testing.
• Audit of CSIRT programs and documentation
• Information Security Programs and Implementation

Michael has consulted in the fields of Business Continuity and Disaster Recovery in the areas of Healthcare, Insurance, Financial, Manufacturing, Education and Government.

She has 3 published books; Mastering Your Introduction to Cyber Security, Mastering Business Continuity Management, Mastering Your Work Life Balance

Michael has a series of Audio Training that receive CEU’s from Disaster Recovery Institute (DRI) and other certifications.They are:

• Cyber Security Training for - 6 CEU’s
• Business Continuity Management for 20 CEU’s.

Michael’s been honored as Top Woman in her field at a White House Luncheon and was selected out of the world to write the prolog for the chapter on RISK Management by the United Nations for their Disaster Book which was given to the head of state for every UN member nation. She has recently been named on the list of “Women of Distinction for 2015” by Women of Distinction Magazine for her work in Cyber Security. She was selected to speak on Cyber Security Incident Response and SIEM at such recent conferences as:

• International ISSA Conference in Chicago
• NYS Cyber Security Conference – Co Spoke with Acting CISO for New York State
• ISACA Western New York Conference
• Metric Stream Round Table in New York City

Topic Background:

ISO 27001 Information System Management System (ISMS) is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process.

ISO 27001 describes how to manage information security in a company. According to its documentation,

ISO 27001 was developed to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system." By applying ISO 27001 standards effectively in your organization you can ensure a robust security for your organization's vital information assets.

Follow us :