
What is the biggest challenge in implementing ISO 27001?

Question added by Mazhar uddin Syed, Technology Risk Manager, Wells Fargo International Solutions
Date posted: 2016/08/19
by Samrat Ray Chaudhuri, Sr. Network Engineer, Ministry of Defense

The biggest challenges I met whilst implementing ISO 27001 are as follows:

1) The management is very resistant to change and it requires great persuasive skills to make them sign off on the implementation. They are mostly into the benefits of implementation. Try to make a great case for ROI. It works.

2) The risk assessment aspect of the entire enterprise. You can't do it all by yourself. You have to rope in the various department heads to participate and sign off on the risk assessment procedure. It requires a lot of diplomacy and man-management skills. And a lot of communication with stakeholders.

3) Gap assessment is also a challenge. Assessing the existing security posture and then evaluating the treatments required to reach the target posture. Sometimes people are happy with the existing controls and have a resistance to change. We have to make trade-offs and do a great deal of persuading.

There are plenty more but these are the biggest ones I experienced.

by Syed Sohaib, Linux System Administrator, Fiverr

There are many, but for sure defining the scope is the biggest challenge in implementing ISO 27001.
