Cng ty TNHH T vn v o to Qun l MASCI /c: 004, Ta nh Kim Sn 1, ng Trc, P. 13, Qun Bnh Thnh, Thnh ph H Ch Minh .T: 08.5445.4564 email: info@masci.com.vn

MASCI mangement Training and Consulting Co., Ltd. Add: 004, Kim Son 1 Apartment Building, Truc street ward 13, Binh Thanh district, Ho Chi Minh cityTel: 08.5445.4564 email: info@masci.com.vn

1/9

TI LIU GII THIU DCH V T VN V O TO

XY DNG H THNG QUN L AN NINH THNG TIN

THEO TIU CHUN ISO/IEC 27001:2013

Lin h : Nguyn Trung Kin Tel : 08.5445.4564 Mobile : 0903385154 Email : kiennt@masci.com.vn

Nm 2014

Cng ty TNHH T vn v o to Qun l MASCI /c: 004, Ta nh Kim Sn 1, ng Trc, P. 13, Qun Bnh Thnh, Thnh ph H Ch Minh .T: 08.5445.4564 email: info@masci.com.vn

MASCI mangement Training and Consulting Co., Ltd. Add: 004, Kim Son 1 Apartment Building, Truc street ward 13, Binh Thanh district, Ho Chi Minh cityTel: 08.5445.4564 email: info@masci.com.vn

2/9

GII THIU DCH V T VN ISO/IEC 27001:2013

Vi ng chuyn gia c o to bi bn, chuyn nghip, c nhiu nm kinh nghim lm vic trong lnh vc qun l an ninh thng tin t trc khi tiu chun ISO/IEC 27001 c ban hnh, do c th nh gi, phn tch v t vn xy dng v p dng h thng qun l an ninh thng tin mt cch c hiu qu, gp phn nng cao hiu qu hot ng ca doanh nghip, gim thiu c ri ro i vi ti sn thng tin ca doanh nghip.

Trong thi gian qua, cc chuyn gia ca cng ty t vn, o to v tham gia nh gi chng nhn cho nhiu n v trong lnh vc ny.

Dch v gi tr gia tng (min ph):

Cng ty s gii thiu min ph tng quan v H thng qun l an ninh thng tin theo b tiu chun ISO/IEC 27000, trnh t thc hin v d kin khi lng cng vic cho Qu doanh nghip nhm gip cho CBCNV hiu r hn v b tiu chun ISO/IEC 27000 trc khi quyt nh k hp ng thc hin d n.

H tr trong nh gi chng nhn

H tr, trao i thng tin trong qu trnh n v duy tr h thng

Cng ty TNHH T vn v o to Qun l MASCI /c: 004, Ta nh Kim Sn 1, ng Trc, P. 13, Qun Bnh Thnh, Thnh ph H Ch Minh .T: 08.5445.4564 email: info@masci.com.vn

MASCI mangement Training and Consulting Co., Ltd. Add: 004, Kim Son 1 Apartment Building, Truc street ward 13, Binh Thanh district, Ho Chi Minh cityTel: 08.5445.4564 email: info@masci.com.vn

3/9

QUY TRNH T VN XY DNG V P DNG ISO/IEC 27001

Tip xc ban u

Gii thiu ISO/IEC 27000

Xc nh phm vi ISMS

Hp ng, k hoch

Kho st thc trng

o to nhn thc, XD ti liu

Thit lp chnh sch, mc tiu

Xc nh bi cnh ni b v bn ngoi

Xc nh cc bn quan tm v yu cu v ca h

Xy dng phng php nh gi ri ro

Xy dng cc tiu ch chp nhn ri ro

nh gi ri ro

Ty chn x l ri ro

La chn mc tiu kim sot v bin php kim sot

Xy dng k hoch x l Risk

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

Cng ty TNHH T vn v o to Qun l MASCI /c: 004, Ta nh Kim Sn 1, ng Trc, P. 13, Qun Bnh Thnh, Thnh ph H Ch Minh .T: 08.5445.4564 email: info@masci.com.vn

MASCI mangement Training and Consulting Co., Ltd. Add: 004, Kim Son 1 Apartment Building, Truc street ward 13, Binh Thanh district, Ho Chi Minh cityTel: 08.5445.4564 email: info@masci.com.vn

4/9

(Ghi ch: tng thi gian xy dng n khi nh gi chng nhn ty thuc vo ngun lc, nhn thc ca t chc, khong t 08 n 10 thng)

Son tho v sot xt ti liu (gm trch nhim quyn hn)

p dng: Thc hin k hoch x l Risk, cc bin php kim sot chn, cc th tc vn

hnh ISMS

o to chuyn gia nh gi ni b

Tin hnh nh gi ni b

Khc phc sau nh gi

Hp xem xt ca lnh o v ANTT

nh gi chng nhn

Nhn Giy chng nhn, duy tr v ci tin h thng

17

18

19

20

21

22

23

24

XD bng tuyn b p dng 16

Cng ty TNHH T vn v o to Qun l MASCI /c: 004, Ta nh Kim Sn 1, ng Trc, P. 13, Qun Bnh Thnh, Thnh ph H Ch Minh .T: 08.5445.4564 email: info@masci.com.vn

MASCI mangement Training and Consulting Co., Ltd. Add: 004, Kim Son 1 Apartment Building, Truc street ward 13, Binh Thanh district, Ho Chi Minh cityTel: 08.5445.4564 email: info@masci.com.vn

5/9

H thng qun l an ninh thng tin theo tiu chun ISO/IEC 27001:2013

Gii thiu chung

ISO 27001 l tiu chun v h thng qun l an ninh thng tin (ISMSInformation Security Management System) do T chc tiu chun ho quc t (ISO) pht trin v ban hnh vo thng 10 nm 2005, c sot xt vo thng 10/2013. Tiu chun cung cp mt m hnh thit lp, p dng, vn hnh, gim st, xem xt, duy tr, ci tin H thng ISMS v c th p dng cho hu ht mi loi hnh t chc nh: cc t chc kinh doanh thng mi, Chnh ph, t chc phi li nhun.

ISO/IEC 27002 b quy tc thc hnh tt an ninh thng tin l tiu chun b sung cho ISO 27001, nu c th s lng bin php kim sot an ninh, c la chn v p dng nh mt phn ca h thng an ninh thng tin. Hai tiu chun ny ho hp v lin quan mt thit vi nhau.

ISO 27001 qui nh nhng yu cu i vi h thng an ninh thng tin, khc bit vi ISO/IEC 27002 ch l c iu chnh mt s iu cn thit ph hp vi nhu cu ca doanh nghip v l c s xem xt nh gi cp chng ch ca t chc bn th ba.

ISO 27001 c xy dng hi ho, tng thch vi cc h thng qun l khc nh: ISO 9001:2008, ISO 14001:2004 v c nh hng trn phm vi ton cu.

Cng ty TNHH T vn v o to Qun l MASCI /c: 004, Ta nh Kim Sn 1, ng Trc, P. 13, Qun Bnh Thnh, Thnh ph H Ch Minh .T: 08.5445.4564 email: info@masci.com.vn

MASCI mangement Training and Consulting Co., Ltd. Add: 004, Kim Son 1 Apartment Building, Truc street ward 13, Binh Thanh district, Ho Chi Minh cityTel: 08.5445.4564 email: info@masci.com.vn

6/9

Li ch ca vic p dng ISO 27001:2013

Chng t cam kt m bo v an ninh thng tin mi cp trong t chc

m bo tnh sn sng v tin cy ca phn cng, phn mm v cc c s d liu

Bo mt thng tin, to nim tin cho i tc v khch hng

Gim thiu ri ro gp phi

Nhanh chng khc phc cc s c xy ra

Gim gi thnh v cc chi ph bo him

Gim chi ph sa cha, trang b li thit b

Nng cao nhn thc v trch nhim ca tt c cc nhn vin v an ninh thng tin.

Nng cao hnh nh ca c quan, n v

To li th cnh tranh trong u thu, kinh doanh

Cng ty TNHH T vn v o to Qun l MASCI /c: 004, Ta nh Kim Sn 1, ng Trc, P. 13, Qun Bnh Thnh, Thnh ph H Ch Minh .T: 08.5445.4564 email: info@masci.com.vn

MASCI mangement Training and Consulting Co., Ltd. Add: 004, Kim Son 1 Apartment Building, Truc street ward 13, Binh Thanh district, Ho Chi Minh cityTel: 08.5445.4564 email: info@masci.com.vn

7/9

B tiu chun ISO/IEC 27000

ISO/IEC 27000:2014 Cc nguyn tc v t vng

ISO/IEC 27001:2013 Cc yu cu ca h thng qun l an ninh thng tin

ISO/IEC 27002:2013 Quy tc thc hnh an ninh thng tin

ISO/IEC 27003:2007 Hng dn p dng H thng qun l an ninh thng tin

ISO/IEC 27004:2006 Hng dn o lng H thng qun l an ninh thng tin

ISO/IEC 27005:2011 Hng dn Qun l ri ro HTQL an ninh thng tin

ISO/IEC 27006:2011 Cc yu cu i vi t chc chng nhn

ISO/IEC 27007:2011 Hng dn nh gi ni b HTQL an ninh thng tin

Cng ty TNHH T vn v o to Qun l MASCI /c: 004, Ta nh Kim Sn 1, ng Trc, P. 13, Qun Bnh Thnh, Thnh ph H Ch Minh .T: 08.5445.4564 email: info@masci.com.vn

MASCI mangement Training and Consulting Co., Ltd. Add: 004, Kim Son 1 Apartment Building, Truc street ward 13, Binh Thanh district, Ho Chi Minh cityTel: 08.5445.4564 email: info@masci.com.vn

8/9

Cc yu cu ca tiu chun quc t ISO 27001:2013

1. Bi cnh ca t chc (yu cu hiu v ni b v bn ngoi; xc nh phm vi p dng)

2. Lnh o (yu cu chng minh vic cam kt, thit lp chnh sch, mc tiu, thit lp trch nhim v quyn hn

3. Hoch nh: - Xc nh ri ro v c hi Xc nh ri ro (yu cu hoch nh cc hot ng xc nh ri ro) Xc nh cc c hi t c kt qu mong mun, gim thiu ri ro (yu

cu hoch nh cc hot ng xc nh c hi)

Cch thc nh gi hiu qu ca cc hot ng trn - nh gi ri ro Thit lp chun mc (nh gi v chp nhn) Nhn bit cc ri ro Phn tch ri ro Lng ha ri ro

- X l ri ro Chn ty chn x l (chn 1 trong 4 ty chn) Chn bin php kim sot (c th ngoi ph lc A) Tuyn b p dng cc bin php kim sot (k c bin php ngoi ph lc A) Xy dng k hoch x l ri ro Ph duyt ri ro cn li

- Thit lp mc tiu ANTT v hoch nh t c MT ANTT Thit lp MT ANTT Hoch nh cch thc t mc tiu (5W, 1H)

4. H tr - Ngun lc (nhn lc, vt lc, thi gian) - Xc nh nng lc nhn s - o to nhn thc - Xc nh kn trao i thng tin (ni b v bn ngoi 5W, 1H) - Kim sot ti liu, h s (thng tin c lp thnh ti liu)

Cng ty TNHH T vn v o to Qun l MASCI /c: 004, Ta nh Kim Sn 1, ng Trc, P. 13, Qun Bnh Thnh, Thnh ph H Ch Minh .T: 08.5445.4564 email: info@masci.com.vn

MASCI mangement Training and Consulting Co., Ltd. Add: 004, Kim Son 1 Apartment Building, Truc street ward 13, Binh Thanh district, Ho Chi Minh cityTel: 08.5445.4564 email: info@masci.com.vn

9/9

5. Vn hnh - Thc hin cc qu trnh - Thc hin nh gi ri ro ANTT - Thc hin x l ri ro ANTT - Kim sot vic thc hin - Kim sot cc qu trnh thu ngoi 6. nh gi vic thc hin

Gim st, o lng, phn tch v nh gi

nh gi ni b H thng ISMS

Xem xt ca lnh ao v H thng ISMS

7. Ci tin S khng ph hp

Ci tin lin tc

Km theo l 1 ph lc quan trng gm 114 bin php kim sot, 35 mc tiu kim sot c phn thnh 14 nhm yu t, sau :

1. Chnh sch an ninh thng tin (A.5) 2. T chc an ninh thng tin (A.6) 3. An ninh ngun nhn lc (A.7) 4. Qun l ti sn (A.8) 5. Kim sot truy cp (A.9) 6. M ha (A.10) 7. An ninh vt l v mi trng (A.11) 8. An ninh vn hnh (A.12) 9. An ninh trong trao i thng tin (A.13) 10. Tip nhn, pht trin v duy tr H thng (A.14) 11. Mi quan h vi nh cung ng (A.15) 12. Qun l s c an ninh thng tin (A.16) 13. An ninh trong m bo tnh lin tc trong hot ng (A.17) 14. S tun th (A.18)

Mi chi tit xin lin h:

Nguyn Trung Kin Email: kiennt@masci.com.vn

Tel: 08.5445.4564 Mobile: 0903385154