Complete the introduction of information security management system according to ISO / IEC 27001

Information security management system according to ISO / IEC 27001

Basic principles of the system:

• Risk prevention
• Protection of assets
• Protecting business information
• Ensuring continuous improvement

The process of implementation of the principles of the safety management system in accordance with the relevant standards:

• Development of the analysis for the implementation of the management system
• Start of implementation of agreed recommendations of the analysis including:
• implement measures to ensure fulfillment of legal requirements
• implement measures arising from the standards, including:
• Identification of all assets and relevant threats
• Design and implementation of assessment methodology
• Evaluation of all relevant risks
• Processing risk register
• Defining significant risks
• Setting objectives, targets and programs for its implementation
• Issuance of company policy
• Processing Register of legal and other requirements
• Defining measures for the management of all significant risks
• Providing training for employees at different levels:
• Top management
• work team of Implementation
• Internal auditors
• Central management
• Employees

Processing system documentation and records

Setting up an effective and efficient communication in accordance with the relevant safety standards

Determination method of monitoring and measurements in the range:

• legislative requirements
• management of risk indicators
• target values
• Emergency preparedness and business continuity plans

Implementation of internal audits

Ensuring procedure for implementing corrective and preventive actions