In this case study presentation, Mark Henry (Information Security Compliance and Monitoring Manager with Co-operative Banking Group) and Richard Mayall (Partner with Acuity Risk Management), will outline the Co-operative Bank's assessment, improvement tracking and reporting requirements for an integrated security management system, and describe how such a system was designed, built and operated. The principles explained in this session will show you how a wide variety of risk and compliance activities can be brought together into an Integrated Management system, for example: ISO 27001 and PCI DSS for information security management; COBIT and ITIL / ISO 20000 for IT and service management; BS 25999 / ISO 22301 for business continuity management; ISO 9001 for product/service quality management; ISO 14001 for environment management; ISO 18000 for occupational health and safety management.
• Understand the key elements of an effective integrated management system (IMS) for information security involving multiple control standards
• Discover how to create an asset based approach, and the benefits which this gives
• Learn how to create your own IMS using free resources available online