What technology to consider when doing your ISMS?
If you run your sales, accounting and other key business systems using excel sheets and word docs, relying on emails and folders for sharing, then you’ll probably want to do the same here. If you are however serious about information security and privacy, you’ll want to show that too with a professional platform in the same way that Salesforce.com, Xero etc deliver for their target audience.
Sheets, docs, emails have a role in the ISMS like they do in sales and accounting solutions, but they are not the only thing you need for success.
A good ISMS solution meets the 10 characteristics described later and covers the scope of ISMS to meet the stakeholder expectations now and in the future.
You can build or buy the technology but stick to your core competences. If you wouldn’t build Salesforce.com don’t build the technology for your ISMS, there are better options out there already.
Ensure your focus is on what you are trying to achieve with the ISMS, not worrying about how to do it.
An ISMS delivers a positive return on investment. The goal of our whitepaper is to show you why, what, and how you can get RoI from an ISMS that fits the business needs.
What are the key considerations when building the business case for an ISMS?
- Context
- A growing challenge
- Three reasons why nothing happens
- The return on investment from information security management
- A point on people
- In considering the technology
- What is an ISMS?
- What are the components of an ISMS?
- Why do organisations need an ISMS?
- Is your organisation leadership ready to support an ISMS?
- Developing the business case for an ISMS
- Benefits to realise – Achieving returns from the threats and opportunities
- Evaluating the threats
- Identifying the opportunities
- Stakeholder expectations for the ISMS given their relative power and interest
- Scoping the ISMS to satisfy stakeholder interests
- GDPR focused work
- Doing other work for broader security confidence and assurance with higher RoI
- Work to get done for ISO 27001:2013/17
- Build or buy – Considering the best way to achieve ISMS success
- The people involved in the ISMS
- The characteristics of a good technology solution for your ISMS
- Whether to build or buy the technology part of the ISMS
- The core competences of the organisation, costs and opportunity costs
- In conclusion