What do I do?
Doing nothing is probably no longer an option for organisations that want to be seen as serious about information security management. Deciding whether to purchase a new firewall or implement an ISMS with the current IT budget misses the point of a more holistic approach to protecting and enhancing organisational value.
Forces for change are growing, and powerful stakeholder expectations are increasingly driving towards a more professional ISMS. They already expect you to have a firewall, and now expect you to do even more, strategically, to protect their valuable information.
Treating an ISMS as an investment for return rather than just a cost is a great way to help unsure, resistant or laggard leaders understand the benefits. This document has set out to identify the key areas for consideration as you build that business case.
One size doesn’t fit all, of course, so if you need more help, get in touch with our team at ISMS.online. They or one of our partners will be pleased to assist.
Suggested further reading:
- ISMS.online Blog
- 5 Steps to Success for GDPR
- ISO 27001: Statement of Applicability (SoA) – The Complete Guide
An ISMS delivers a positive return on investment. The goal of our whitepaper is to show you why, what, and how you can get RoI from an ISMS that fits the business needs.
What are the key considerations when building the business case for an ISMS?
- Building the business case for an ISMS
- The Challenge is Growing
- Three Reasons Why Nothing Happens
- Planning the business case for an ISMS
- A Point on People
- In Considering The Technology
- What is an ISMS?
- Understanding the Components of an ISMS
- The People Involved in the ISMS
- Why Do Organisations Need An ISMS?
- Is Your Organisation Leadership Ready to Support an ISMS?
- Developing the Business Case for an ISMS
- Achieving Returns from the Threats and Opportunities
- Stakeholder Expectations for the ISMS given their Relative Power and Interest
- Scoping the ISMS to Satisfy Stakeholder Interests
- GDPR Focused Work
- The Return on Investment from Information Security Management
- Doing Other Work for Broader Security Confidence & Assurance with Higher RoI
- Build or Buy – Considering the Best Way to Achieve ISMS Success
- The characteristics of a good technology solution for your ISMS
- Whether to Build or Buy the Technology Part of the ISMS
- The Core Competences of the Organisation, Costs and Opportunity Costs
- Evaluating The Threats
- Identifying The Opportunities
- Work To Get Done for ISO 27001
- In Conclusion