Professional Documents
Culture Documents
Titre
June 4, 2009
Titre
CAC/JTC1/SC37 - Biometrics
CAC/JTC1/SWG - Accessibility
June 4, 2009
Sance daccueil
ISO/IEC/JTC1/SC27
SC27 Programme of Work
Area of Work:
The development of standards for the protection of information and ICT. This includes generic methods,
techniques and guidelines to address both security and privacy aspects, such as:
7 dcembre 2007
Sance daccueil
Sance daccueil
ISO/IEC 27010: Information security management for inter-sector communications (for critical
infrastructure)
ISO/IEC 27013: Guidelines for integration implementation of ISO/IEC 20000-1 & ISO/IEC 27001
ISO/IEC 27014: Information security governance framework
June 4, 2009
Sance daccueil
June 4, 2009
Sance daccueil
June 4, 2009
Sance daccueil
The objectives outlined in this International Standard provide general guidance on the
commonly accepted goals of information security management.
ISO/IEC 27001:
This International Standard has been prepared to provide a model for establishing,
implementing, operating, monitoring, reviewing, maintaining and improving an Information
Security Management System (ISMS). The adoption of an ISMS should be a strategic
decision for an organization.
This International Standard can be used in order to assess conformance by interested
internal and external parties.
June 4, 2009
Sance daccueil
10
June 4, 2009
Sance daccueil
11
June 4, 2009
Sance daccueil
12
June 4, 2009
Sance daccueil
13
June 4, 2009
Sance daccueil
14
June 4, 2009
Sance daccueil
15
How it fits
June 4, 2009
Sance daccueil
16
Government Example
Government of Quebec:
Established a secure communications channel
between ministries and awarded the management
contract to the organization that agreed to implement
and certify against ISO/IEC 27001
Asks that the IT arm of its Health and Social Services
require that its critical suppliers certify against
ISO/IEC 27001
Currently undergoing restructuring of its CSIRT to
certify against ISO/IEC 27001
June 4, 2009
Sance daccueil
17
June 4, 2009
Sance daccueil
18
QUESTIONS
&
THANK YOU!!!
Charles P. Provencher
Senior Advisor, IT Security & Conformity
Nurun Inc.
charles.provencher@nurun.com
514-392-1292 #25072
June 4, 2009
Sance daccueil
19