Date: Tuesday, August 27, 2019
Time: 2:00 pm - 3:00 pm ET
Your Host: BSI Group America
About this event
Ensuring the integrity, confidentiality, and accessibility of the organization’s information is no longer the responsibility of the IT department alone – information security now spans the entire organization. With ISO/IEC 27001, you will have the necessary controls for developing the policies and procedures, but policy implementers often overlook the importance of scope while crafting the Statement of Applicability.
Scope is the single most important element when developing an Information Security Management System (ISMS); it explicitly defines stakeholders and managers of areas covered by the ISMS. You must include those departments with access, those who touch your products and services, as well as those whose systems the information traverses.
Join BSI on August 27 at 2:00 PM as information security expert Cristian Dragnef explains the standard’s intent, what is required in an effective scope, and what can be excluded. Cristian will provide relevant examples of what the auditor looks for during an assessment of the ISMS, as well as examples of effective scopes and those that have created difficulties for the organization.
About the Presenter
Cristian Dragnef is a certified BSI trainer and lead auditor with more than fifteen years of experience and extensive expertise in information risk and security management, quality management systems, IT service management, and software development. Cristian is an accredited ISMS lead auditor with IRCA, certified ISMS and QMS trainer with RABQSA and a CSA STAR certified auditor. His industry expertise spans a broad range of organizations, including manufacturers, telecom providers, equipment manufacturers, software providers, engineering firms, mining companies, health care providers and law firms.