Information System
Implementing & Evaluating ISO 27001:2013 Framework in a Corporate
Due to growing information security risks, organizations must continually monitor and effectively manage the security of their computing infrastructure. Further, organizations must ensure the confidentiality, integrity, and availability of their information assets.
ISO 27001:2005 is a time-proven international standard of best practices published by the International Organization for Standardization (ISO) for establishing, maintaining, and improving security programs for all organizations. An ISO 27001 based Information Security Management System (ISMS) is a set of integrated processes that govern the management of security program policies and procedures.
Learning Outcomes: At the end of the assignment, students should be able to:
▪ Know the importance of ISO 27001 framework for implementing CIA Effat University.
▪ How this framework is used to develop (ISMS System) for Effat University to fulfil its security goals to run university business successfully & effectively.
Company Name: (Effat University Jeddah)
Individual Deliverables (Research & Documentation by individual members)
1. Select a corporate to apply ISO 27001 framework to develop an ISMS system for the corporate selected to achieve the following objectives:
➢ Protect intellectual property rights, financial interests, university records & students records and other useful data and completive edge
➢ Protect IT infrastructure and Network & Application program, operations and services.
➢ Safeguard the interests and privacy of all employees, students, staff and stakeholders etc. and retain their trust
➢ Comply with the law and defend against legal action
➢ Maintain the reputation of the university
Notes:
▪ Above deliverable should include proper evaluation and justification.
▪ Use appropriate diagrams or other details wherever possible to illustrate your justifications and explanations.