ISO 27001 implementation, start to finish

10 pts.
Tags:
Implementation
Hello, I am a student at University of Advancing Technology in the BS network security program and have been assigned to ask a question on a one of the security frameworks we are studying. My question is to anyone who has implemented the ISO 27000 family of security frameworks what was your experience on beginning the process (good and bad) and how much effort did it take to finally get the certification? Also, if you don’t mind answering a second question, I was wondering how hard is it to maintain the security framework once you achieved the ISO 27001 certification? Thanks in advance, --Tracy CISSP

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • jinteik
    the starting process is always difficult as you need to prepare everything and preparation takes a lot of effort. for iso 27001 there is a lot of Policy and Procedure (PnP) is required. usually there will be the 1st audit to see if you are on track and once they correct you (if there are minor mistakes or ways to improve) then they will come again to audit you again. maintain it is actually quite easy (for me). Make sure that you are following your processes according to what is written in PnP and making sure that all the information is actually up to date. Reviews should also be done once in a while so that you know your work is up to date and not only be updating everything when the auditor is coming to visit.    
    17,790 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following