ISO17799信息安全休系(pdf 12)

No matter how secure and well protected an organisation
appears to be, sensitive information can be leaked without
you even realising until it’s too late.
All information in all departments, whether on computer
disk, paper or in the heads of those you employ, is at risk
from any number of very real threats. Information security
is no longer just an issue for IT managers – a single breach
of information security could cost your company hard
earned profits whilst doing irreparable damage to your
image and reputation. Your capacity to trade profitably
depends on your ability to manage this risk effectively.
As the number of reported information security breaches
consistently increases, the need to create a management
framework for information security intensifies. An
Information Security Management System (ISMS) – ISO
17799, the International Standards Organisation’s version of
BS 7799, will provide a well-proven framework to initiate,
implement, maintain and manage information security
within any organisation.
I S O 1 7 7 9 9
Once you start using ISO 17799 as a
basis for your ISMS, your management
system can be audited and registered
by a third party. This process adds
significant value to the ongoing
..............................