best practice standards adoption: a status report · planning, delivery and measurement of...
SECURE :: ASSURE :: ENABLE :: EMPOWER :: MANAGE
Best Practice Standards Adoption:
A Status Report
A presentation by Adedoyin Odunfa. (CEO, Digital Jewels)
At the occasion of the Q1 2015 InformationValueChain Breakfast Forum, hosted by Digital Jewels Ltd. March 12 2015. Landmark 60th Session
Outline
• Unbundling the standards universe
• Adoption Snapshot
• A Suggested Approach
• Pitfalls to Avoid
• CSFs to imbibe
• Conclusion: Some Cold Truths
Overview and Summary of IT Standards - CBN
• Strategic IT Alignment: Translation of business vision and strategies into multi-year IT investments and operating plans, as well as impacts of Information Technology on the Enterprise’s performance measurement.
• IT Governance: Framework for initiation, endorsement, sponsorship, approval and evaluation of IT decisions.
• Architecture & Information Management: Guidance for the creation and execution of the strategic IT architecture framework.
• Solutions Delivery: Framework for the development of software application solutions and their subsequent transition into the production environment.
• Service Management & Operations: Planning, delivery and measurement of day-to-day operational service.
• Information & Technology Security: Security and protection of enterprise information and related assets.
• Workforce & Resource Management: Management of IT skills, knowledge and financial resources.
Re-Prioritised Industry IT Standards
IT Standards Prioritisation from the CBN IT Standards Blueprint
Priority 1 Standards:
• Service Management
• Interfaces
• IT Security
• Application Reporting
Priority 2 Standards:
• IT Governance
• Strategic Alignment
• Project Management
• Work & Resource Management
Priority 3 Standards:
• Data Centre
• Business Continuity Management
• Enterprise Architecture
• Health, Safety and Environment Management
Unbundling the Standards & Framework Forest
Standards with Certification
• PCIDSS v3
• ISO27001: 2013
• ISO20000: 2011
• ISO22301: 2011
• BS OHSAS (18000) - ISO 45001
• Data Centre Tier 3/4
• ISO 15504: 2013
Standards yet to be Certifiable
• ISO8583
• ISO20022
• ISO38500: 2015
Frameworks/Methodologies
• COBIT 5
• PRINCE2
• PMBoK
• TOGAF
• CMMi
• SFIA
• XBRL
Associated Standards/ Frameworks
Information Security
• PCIDSS
• ISO27001
• ISO22301
• ISO31000
Business Continuity
• ISO22301
• BS OHSAS 18000
• ISO27001
• Data Centre Tiers
ITSM
• ITIL
• COBIT
• ISO20000
• CMMI
IT Governance
• COBIT
• CMMI
• ISO15504
• ISO38500
• TOGAF
Project/Change/People Management
• PRINCE2
• PMP
• ISO 21500
• COBIT
• SFIA
Mapping ISO27001 with PCIDSS
PCIDSS REQUIREMENTS (rows) vs. ISO 27001 ANNEX A CONTROL OBJECTIVES (columns)
A.5 A.6 A.7 A.8 A.9 A.10 A.11 A.12 A.13 A.14 A.15 A.16 A.17 A.18
1 ● ● ● ● ● ●
2 ● ●
3 ● ● ● ● ●
4 ● ●
5 ● ● ● ●
6 ● ● ● ● ● ●
7 ●
8 ●
9 ● ● ● ● ● ●
10 ● ● ● ●
11 ● ● ● ● ● ●
12 ● ● ● ● ● ● ● ● ● ● ●
Most PCIDSS controls are focused around the four (4) highlighted ISO27001:2013 controls and control objectives, i.e. Access Control, Cryptography, Operations Security and Communication Security.
Mapping/Overlap of ISO27001 to ISO22301
ISO 27001, A.17 Business Continuity Management
A.17.1 Information security aspects of business continuity management
Objective: Information Security shall be embedded in the organization’s business continuity management system.
• A.17.1.1 Planning information security continuity. Control: The organization shall determine its requirements for information security and the continuity of information security management in adverse situations, e.g. during a crisis or disaster.
• A.17.1.2 Implementing information security continuity. Control: The organization shall establish, document, implement and maintain processes, procedures and controls to ensure the required level of continuity for information security during an adverse situation.
• A.17.1.3 Verify, review and evaluate information security continuity. Control: The organization shall verify the established and implemented information security continuity controls at regular intervals in order to ensure that they are valid and effective during adverse situations.
ISO 22301:2012
• 6.1 Actions to address risks and opportunities
• 8.1 Operational Planning and Control
• 9.1 Monitoring, measurement, analysis and evaluation
Standards’ Overlap: ISO 20000 vs. ISO 27001
• Incident Management
• Change Management
• Availability Management
• Continuity Management
• Capacity Management
ISO 20000 / ISO 27001
Standards’ Overlap: ISO 20000 vs. ISO 27001

| ISO 20000: Service Management System Clauses | ISO 27001: Information Security Management System Clauses |
| --- | --- |
| 4.5 Establish & improve SMS | 4.2 Establishing and managing the ISMS |
| 4.3 Document Management | 4.3 Document requirements |
| 4.1.1 Management Commitment | 5.1 Management commitment |
| 4.1.2 Security Management Policy | A.5 Security Policy |
| 4.5.4.3 Management Review | 7 Management review of ISMS |
| 4.4 Resource management | 5.2 Resources Management |
| 4.4.1 Provision of Resources | 5.2.1 Provision of Resources |
| 4.5.4.2 Internal Audit | 6 Internal ISMS Audit |
| 6.2 Service Reporting | A.13.1 Reporting information security events and weaknesses |
| 4.5.5 Maintain & improve the SMS | 8 ISMS Improvement |
| 6.5 Capacity Management | A.10.3.1 Capacity management |
| 6.6.1 Information Security Policy | A.5.1 Information Security Policy |
| | 4.2.1 Establish the ISMS |
| 6.2.2 Security Controls | A - Control objectives and controls |
| 6.6.3 Information Security Changes and Incidents | A.13 Information Security Incident Management |
| 9.2 Change management | A.10.1.2 Change Management |
| | A.12.5.1 Change Control Procedures |
| > Mentioned in 4.5.5 | 8.2 Corrective Action |
| > Mentioned in 4.5.5 | 8.3 Preventive Action |
| 6.3 Service continuity & Availability Management | A.14 Business Continuity Management |
| 6.6.1 Information Security Policy | A.5.1 Information Security Policy |
| 9.1 Configuration Management | A.7 Asset Management |
Mapping ISO 20000 and ITIL Processes

| ISO/IEC 20000 Processes | ITIL® Processes |
| --- | --- |
| 5. Design & Transition of new or changed services | |
| 6. Service Delivery Processes: Service level management; Service reporting; Information security management; Budgeting & accounting for services; Capacity management; Service continuity & availability management | Service Level Management; (Method & Technique in CSI); Information Security Management; Financial Management for IT Services; Capacity Management; IT Service Continuity Management; Availability Management |
| 7. Relationship Processes: Business relationship management; Supplier management | Business Relationship Management; Supplier Management |
| 8. Resolution Processes: Incident and service request management; Problem management | Incident Management; Request Fulfilment; Problem Management |
| 9. Control Processes: Configuration management; Change management; Release and deployment management | Service Asset & Configuration Management; Change Management; Release and Deployment Management |
Standards’ Overlap: COBIT vs. ITIL
Standards’ Overlap: COBIT vs. ITIL vs. ISO 20000
Keeping it up!
PCIDSS
• Annual Recertification
• On-going Vigilance
ISO Standards
• Year 0: Initial Certification
• Year 1: Surveillance Audit
• Year 2: Surveillance Audit
• Year 3: Recertification Audit
CMMI
• 3 Year Assessment Lifecycle
• On-going Process Improvement
An Integrated Approach: PAS 99
• World’s first specification for integrated management systems
• Streamlines operational activities, aligns all common standard requirements and cuts the cost of separate audits and administration.
• Benefits
– Less Duplication.
– Lower Operating Costs.
– Simplification.
– More Easily Updated.
Where are we as a Nation?
[Chart: Global Best Practice Standard Certification Status (Nigeria) as at Feb. 2015. X-axis (standard in focus): PCIDSS (Payment Card Industry Data Security Standard), ISO27001 (Information Security Mgt System), ISO22301 (Business Continuity Mgt System), ISO20000 (IT Service Management), ITIL (IT Infrastructure Library), COBIT 5 (Control Objectives for Information & Related Technology). Y-axis: no. of certified companies. Series: Certified, In progress. Data labels in extraction order: 22, 18, 4, 3, 2, 5, 15, 4, 1, 1, 2.]
[Chart: Global Best Practice Standard Certification Status (Banks Only) as at Feb. 2015. X-axis: ISO27001, ISO22301, ISO20000, ITIL, COBIT 5. Series: Total Certified, Total In progress. Data labels in extraction order: 9, 2, 1, 1, 0, 5, 4, 2, 1, 1.]
Data Centre Tiers
DEBUNKING THE MYTHS…
1. A PIECE OF CAKE!!!
2. A QUICK FIX
3. “STANDARD IN A BOX”
4. NOTHING MAJOR…
PITFALLS TO AVOID
NO CLOUT!
OVER-PROMISING & UNDER-DELIVERING
SHORT CUTS….
LOSING FOCUS
100% COMPLIANCE
CRITICAL SUCCESS FACTORS
SCOPE CORRECTLY
TECHNOLOGY HELPS
KNOW THE STANDARD
Management Systems
• ISO 20000-1:2011 Service Management
• ISO 22301 Business Continuity Management
• ISO 27001-2013 Information Security Management System
• ISO 38500 IT Governance
• ISO 15504 Process Assessment
Choose the Right Partners: trusted partners
Demonstrable capability to support you…
• 1st ISO27001 & PCIDSS QSA Professional Services Firm in Africa
• Delivering Certification Projects since 2011
• Largest Market Share
Some Cold Truths
• Compliance Vs Performance
• Not going away
• Leaders or Laggards
• Not only the Regulator
IVC Breakfast Forum’s...Free Knowledge Sharing, Information Exchange, Business Networking Sessions.
60th session & still counting...
Celebrates
Thank You
for your time & attention
www.digitaljewels.net