
GlobalTrust Presents a Series of Training Seminars for Members of the Information Security Management Committee

A series of seminars, each lasting 1-2 hours, is aimed at raising the awareness of the members of an organization's information security management committee. Such committees, which include representatives of all key divisions, are established in organizations that implement information security management systems in compliance with the requirements of international standards, and in organizations that strive to ensure a proper level of strategic management and of coordination between divisions of the actions aimed at information security assurance.

The material is intended for managers without special training in IT and security. The seminars have a flexible schedule: a time and place convenient for the customer may be chosen. For example, many companies find it convenient to hold awareness seminars at their premises at the end or in the second half of the working day.

General Description

Information security in an organization is impossible without proper management support. ISO 27002:2005 specifies that management should actively support security within the organization through clear direction, demonstrated commitment, explicit assignment and acknowledgment of information security responsibilities (ISO/IEC 27002:2005, Clause 6.1.1 Management commitment to information security). For this purpose the management of the organization shall:

  • make sure that the objectives of information security are defined, comply with the requirements of the organization and are integrated into the significant processes;
  • define, review and approve the information security policy;
  • provide clear direction and visible support for information security initiatives;
  • allocate resources necessary to ensure information security;
  • approve the assignment of individual roles and responsibilities for information security;
  • initiate implementation of plans and programs of information security awareness;
  • make sure that the introduction of information security controls is coordinated throughout the organization.

Management should also determine the need for external and internal consultations on information security, and analyze and coordinate the results of such consultations throughout the organization. Information security coordination includes cooperation between the heads of divisions, users and administrators of information systems, developers and designers of applications, auditors and security service personnel, and experts in insurance, legislation, HR management and risk management (ISO 27002:2005, Clause 6.1.2 Information security coordination).

Management commitment, strategic management and information security coordination are the tasks handled by the Information Security Management Committee. The information security awareness program should start with the Management Committee and gradually be extended to all employees of the company.