Information Security Management System

People in the company keep asking me, what is this all about? Well, isn’t it self-explanatory by the topic itself?

Simple English: To have a system to manage the security of your information.
Why this might be applicable to our company? Our Company is an IT Consultant – that provide solution and support to its client. These clients will have their information within the system of which they wanted us to develop. So it is our responsibility to ensure their information, financially or personally from being access by unauthorized party or agency, whether for personal use, business advantage or profit.

ISMS itself is a compliance and this compliance then can be measured by the standard IS027001. Prior to the security audit and stuff, the company should implement the ISMS in the organization and complied with it.

When talking about Security, what comes in peoples’ mind will be the technical part, password, account number and all those which seems to have high impact should we lose it. People tend to ignore the other part of security which lies beneath. As a matter of fact, security is more than just a bunch of key password and all sorts. It is securing our information assets from unauthorized access. There are 3 elements that factored and consider in ISMS implementation, that are: Confidentiality, Integrity and Availability.

Confidentiality itself is self-explanatory. Of course everyone would expect that all their personal data and financial data should be kept secured. But what is integrity and availability have to do with security?

As a matter of fact, security will apply in the sense that, the company should ensure that the system will be available as promise to clients and its integrity should be maintained and not jeopardize. Just take for example, if the system in the stock market went down. What will happen?? Chaos!! Its not because of the confidentiality of the stock market, but because of the importance of its availability to the market and public. Businesses might lose billions of dollars if the system is down. What do you think?

Well, that is just brief explanation of ISMS..will cover the topic when I have mood.

Ooo..btw Dirah, you might ask, where am I? in da office… I’m trying to finish my presentation slide for the knowledge sharing to Customer Service Unit regarding the new implemented and roll-out General Ledger System, and I’m dymn bored!!! Sick!! Keep sneezing and coughing and it turn off my mood to even think about the presentation. So I take the break, to type this topic. :P And in case you read this blog before 5pm, tell babu that I’ll be a bit late today ;) say 8pm? HaHa…