ISO 20000

What's ISO 20000:2011 ?

This standard is to provide support and improve the information technology services, as well as creation of favorable information needs of the organization is to communicate with customers and suppliers.

Advantages of ISO 20000:2011 :

- Provide to Organization Security Structure

- Classification and identification of assets.

- Establish roles and responsibilities of IT departments and staff

- Management, monitoring and reporting the progress of objectives, programs IT systems.

- The creation of important business information

- The creation, development and maintenance of information systems

- Create a list of property information, and grouping criteria, grouping assets

Definitions :

- Information: set of Data that will be processing.

- Risk: Combination of the probability of occurrence of an event or exposure, and the possibility to influence the information systems

Proposal of ISO 22000:2011

- Preparation and Set of the organization's policy and statements .

- Under controlling  , integrating , optimizing  and classification of documents and records

- Establish , develop and maintain of information system.

- Staff training and security awareness

- Business risk analysis  and Provide to  list of IT processes critical

- Create an IT organizational structure

 - The identification and planning for its management

- Designed to collate with risk, security comprehensive policy , procedures , standards , product selection

- risk reduction plan  , assessment , review of risk mitigation, the report updates

- The risk management methodology reports

- Responsibility , deadlines, implement , review of actions taken and the effectiveness of corrective and preventive actions

- Continual improvement in all organizational units and sectors