A simple tips and steps for the smooth implementation and certification of ISMS IS 27001
1. Get Management Support
The first thing that you should do is get a management support. ISO 27001 implementation need a corporate wide top down approach. Make sure that you have approval and support from higher management level
2. Define ISMS Scope
Whether integrated for all information security layers or just partial for data center, server or infrastructure is basically depends on your need and capability. Most of companies find some difficulties when implementing this standard for entire department. So be selective when defining the scope and limitation
3. Inventory Information Assets
Inventory asset is the next important thing. Make sure that all of assets recorded properly. Make sure that intellectual and shared asset is also not missed. Collecting this information assets usually facing a challenge since many of information is distributed and separated in several functions.
4. Conduct Information Security Risk Assessment
