x
    
   Advanced Search


visitors


MS ISO/IEC 27001:2007
INFORMATION TECHNOLOGY- SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS – REQUIREMENTS

MS ISO/IEC 27001 is one of the standards from Information Security Management Systems (ISMS) Family of Standards which specify on ISMS Requirements. 

MS ISO/IEC 27001:2007 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties which aim to ensure the security in preservation of confidentiality, integrity and availability of information; in addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved.

This Malaysia Standard is a certifiable and auditable standard that specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving documented Information Security Management System (ISMS) within the context of the organization’s overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof.

The management system includes organizational structure, policies, planning activities, responsibilities, practices, procedures, processes and resources and is a systematic approach in managing organization’s information security The application of this standard will assist the local industry to align the ISMS requirements with the International direction and requirements.


MS ISO/IEC 27002:2007
INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY MANAGEMENT

MS ISO/IEC 27002 is one of the standards from ISMS Family of Standards which specify on establishing guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. 

Designed to fit the interest of the whole Malaysian communities who deal with ICT technologies as this standard provides the main elements of Information Security Management Systems (ISMS), this Malaysian Standard contains best practices of control objectives and controls (with some implementation guidelines) in many areas of information security management. 

This Malaysian Standard is intended to be implemented to meet the requirements identified by a risk assessment and the objectives outlined as a common basis and practical guideline for developing organizational security standards and effective security management practices, and to help build confidence in inter-organizational activities.


MS ISO/IEC 27005:2012
INFORMATION TECHNOLOGY- SECURITY TECHNIQUES - INFORMATION SECURITY RISK MANAGEMENT

MS ISO/IEC 27005 is one of the standards from Information Security Management Systems (ISMS) Family of Standards which supports the general concepts specified in MS ISO/IEC 27001 and is designed to facilitate the satisfactory implementation of information security based on a risk management approach. 

This standard provides guidelines for information security risk management in an organisation. However, it does not provide any specific method for information security risk management. It is up to the organisation to define their approach to risk management, depending for example on the scope of the ISMS, context of risk management, or industry sector. 

Knowledge of the concepts, models, processes and terminologies described in MS ISO/IEC 27001 and MS ISO/IEC 27002 is important for a complete understanding of MS ISO/IEC 27005:2012.

MS ISO/IEC 27005:2012 is relevant to managers and staff concerned with information security risk management and applicable to all types of organisations (e.g. commercial enterprises, government agencies, and non-profit organizations) which intend to manage risks that could compromise the organisation's information security.


Any enquiry on ISMS Standard, please contact: 

Ms Salwa Denan
Standards Development Section
Standard Department
Tel: 603-5544 6368
E-mail: salwad@sirim.my

Best viewed at display 1024x768 resolution or better.
Compatible with IE 10.x, Firefox 29.x, Chrome 35.x, Opera 21.x and Safari 5.x.
This site uses IP2Location LITE data.
Maintained by SIRIM Berhad.
© 2005-2017 by STANDARDS MALAYSIA.
All rights reserved.