INFORMATION SECURITY MANAGEMENT

ISO 27799 provides guidelines for organizational information security standards and Information Security Management practices which include but are not limited to the selection, implementation and management of controls by taking into consideration the organization’s Information Security risk environments. This standard provides guidelines to support the implementation of information security controls in healthcare organizations based on ISO/IEC 27002.

 

Benefits of ISO 27799 Information Security Management in Healthcare:

  • Understood the implementation of Information Security Controls in healthcare organizations by adhering to the framework and principles of ISO 27799.
  • Understood the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance and human behavior.
  • Gained the necessary skills to support a healthcare organization in implementing and managing the ongoing Information Security controls based on ISO 27799.
  • Acquired the competences to perform periodic risk assessment in a healthcare organization.
  • Enhanced your ability to help healthcare organizations to play an active and important role in the protection of personal health data of their patients.
  • Gained the necessary knowledge to improve Information Security in healthcare organizations.

ISO/IEC 27001 provides requirements for organizations seeking to establish, implement, maintain and continually improve an information security management system. This framework serves as a guideline towards continually reviewing the safety of your information, which will exemplify reliability and add value to services of your organization.

Benefits of ISO/IEC 27001 Information Security Management:

  • Understood the Information Security Management System implementation process.
  • Provide continual prevention and assessments of threats within your organization.
  • Higher chances of being distinguished or hired in an Information Security career.
  • Understood the risk management process, controls, and compliance obligations.
  • Acquired the necessary expertise to manage a team to implement an ISMS.
  • The ability to support organizations in the continual improvement process of their Information Security Management System.
  • Gained the necessary skills to audit an organization’s Information Security Management System.

Risk Assessment Methods

What are Risk Assessment Methods?

Understanding how to effectively assess risk may be a challenge for many industries. The risk assessment methods are OCTAVE, EBIOS, and MEHARI.

OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation) was developed by the Computer Emergency Response Team (CERT) and funded by the US Department of Defense. This risk assessment tool is used to help prepare organizations for strategic security assessments and planning for their information.

EBIOS (Expression des Besoins et Identification des Objectifs de Sécurité) was developed by the French Central Information Systems Security Division. The goal of this risk assessment tool is to assess and treat risks with an IS, which assists management decision-making and guides stakeholders to find a mutual set of discussions.

MEHARI (Méthode Harmonisée d’Analyse de Risques) was developed by CLUSIF, a non-profit Information Security organization. The goal of this risk assessment tool is mostly to provide guidelines for ISO/IEC 27005 implementation and to analyze scenario-based risk landscapes for short- to long-term security management.

Benefits of Risk Assessment Methods

  • To learn the concepts, methods, and practices allowing an effective risk management based on ISO 27005.
  • To put into practice the requirements of ISO 27001 on information security risk management.
  • To develop the skills needed to perform a risk assessment with the OCTAVE, EBIOS, and MEHARI techniques.
  • To obtain the ability to effectively guide organizations on the best practices in information security risk management.
  • To obtain the ability to effectively implement and manage a continuing information security risk management process.

ISO/IEC 27005 Information Security Risk Management

 

ISO/IEC 27005 provides guidelines for the establishment of a systematic approach to Information Security risk management which is necessary to identify organizational needs regarding information security requirements and to create an effective information security management system. Moreover, this international standard supports ISO/IEC 27001 concepts and is designed to assist an efficient implementation of information security based on a risk management approach.

 

ISO/IEC 27005 Certificate will prove that you have:

  • Gained the necessary skills to support an effective implementation of an information security risk management process in an organization.
  • Acquired the expertise to responsibly manage an information security risk management process and ensure conformity with legal and regulatory requirements.
  • The ability to manage an information security and risk management team.
  • The ability to support an organization to align their ISMS objectives with ISRM process objectives.

ISO/IEC 27002 Code of Practice for Information Security Controls

ISO/IEC 27002 is an international standard that gives guidelines for the best Information Security management practices. These management practices will help your organizations to build confidence in their inter-organizational activities and implement a suitable set of controls, including policies, processes, organizational structures and software and hardware functions. This standard is a generic document used as a reference for selecting controls within the process of Information Security Management System implementation. ISO/IEC 27002 is intended to be used by all types of organizations, including public and private sectors, commercial and non-profit and any other organization which faces information security risks.

 

Benefits of ISO/IEC 27002:

  • Understood the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002.
  • Understood the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance and human behavior.
  • Gained the necessary skills to support an organization in implementing and managing ongoing Information Security controls based on ISO/IEC 27002.
  • The ability to perform periodic risk assessment in an organization.
  • The ability to help organizations improve their Information Security posture.
  • The ability to draft and implement cost optimization strategies.
