zbenta Posted June 19, 2012 Share Posted June 19, 2012 Hi there, I was recently hired by a company to implement ISO 27001. I have no experience with this norm, after having read a lot of documentation I started by creating the ISMS Scope Definition, the Inventory of Information assets and an ad hoc risk assesment. I already got some templates from http://www.iso27001security.com/, got the iso27001 and iso27002 norm, I also started reading the "IT Baseline Protection Manual" to be used as a more structured risk analysis tool. Can anyone point me to any nice other tools or docs to help me do this task? Quote Link to comment Share on other sites More sharing options...
Dekan_ Posted June 24, 2012 Share Posted June 24, 2012 Here is a toolkit I used in the past. http://www.itgovernance.co.uk/iso27001_toolkits.aspx Quote Link to comment Share on other sites More sharing options...
zbenta Posted June 26, 2012 Author Share Posted June 26, 2012 Hit here, Thanks for the tip, I'll talk to the management and make sure they want to invest in it. If there's a free option it would be much appreciated. Quote Link to comment Share on other sites More sharing options...
zbenta Posted July 3, 2012 Author Share Posted July 3, 2012 Why did you accept a job that you didn't understand how to do? I took the job because I knew I could do it, I just need a little bit more info so I can finish the project. I'm waiting to get some tutoring from behalf of the organization I work in and was trying to take that extra step so I can "show" some work. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.