Ensuring the security of confidential and personal information and intellectual property through the introduction of technical, procedural, and physical controls
The introduction of the standard helps employees to better understand the risks and to incorporate security into their daily routine.
By introducing the standard, the company shows that it takes international best practices into account, which increases the credibility of the brand.
At the initial stage of implementing ISO 27001, it is necessary to carry out an error analysis of current systems. This assessment gives the company information about its current level of security, so that it can give proper attention to planning a strategy that is in line with its business needs and goals.
Information security risk assessment is the most critical stage in the implementation of ISO 27001. During this stage, a register of information assets is created, and risks are identified, analyzed, and evaluated. The risk assessment methodology should include:
In this phase, the BDO Digital team will develop a strategy for implementing the control mechanisms selected at the risk assessment stage. The risk management strategy is based on the following principle:
In accordance with the risk management strategy, the company implements the necessary policies/procedures for information security management and effective control mechanisms. All of this will enable the company to ensure the confidentiality, availability, and integrity of critical information assets.
More than 8 years of experience in the field of information security. Has been leading the cyber and information security management system at BDO for 2 years. During that time, under his leadership, the international standard for information security management, ISO/IEC 27001:2017, was implemented.