When implementing an information security management system (based on ISO/IEC 27001) you need to conduct a risk analysis (based on ISO/IEC 27005) and implement information security controls (based on ISO/IEC 27002). In order to better understand the IT governance framework of the organization, you can refer to service management systems (based on ISO/IEC 20000). Moreover, you have to properly consider security incident management (based on ISO/IEC 27035) and you must ensure that the organization has business continuity and recovery capabilities (based on ISO 22301).

Presenter:

Our presenter for this webinar, Andro Kull, has worked in both the public and the private sector, previously for the financial and energy sector. He started a career as IT specialist and IT manager, worked for a long time as IT auditor and as IT risk manager one of the largest company in Estonia. In parallel, he has made a small consulting company and managed projects related to IT risk assessment, the implementation of security measures, business continuity planning and recovery.

Organizer: Ardian Berisha

Date: September 25, 2019

Link of the recorded webinar on Youtube:

Slides of the webinar: