A few questions Are you currently Doing ISO27001? Is he just looking for a "big picture overview" on what you are doing? If you are not doing anything currently, then look at what the companies your CIO worked at and look to adopt one of those or defend ISO(if that the route you want to take)
Check out PECB.org for another look at ISO (as opposed to BSI's, one may feel better to you than the other.) Also check out mycima.net (company I work for) for ISO & other security methodology information. <commercial plug> I'll be teaching ISO27001 Lead Auditor in Boston next week (9/16-9/20/20/13) and Lead Implementer in other places over the next few months </commercial plug> On Thu, Sep 5, 2013 at 7:05 PM, marck e. <[email protected]> wrote: > Our new CIO has asked us for our information security management framework. > No endless security risks matrix ,just the big picture preferably with > nice pictures. > I'm having a hard time finding a picture of ISO 27001 that talks > thousands of words. > > What I ve found so far doesn't convince me, here they are some picks: > > http://www.wtc-india.com/images/informatiaonsecurity2.jpg > > http://aset.azdoa.gov/sites/default/files/media/pics/EA%20Target%20Security%20Architecture.gif > > Any help? Any other information security framework picture? > > thanks > > Marck > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- Tim Krabec tkrabec.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
