ISO 27001 Competence Check

Annex of Application Form ISO 27001 (Please also provide complete CV):
Proof of Information Security Competence
Name of applicant:
Organization:
Professional experience: (from/to, company/institute, function/role)
1.
2.
Columns: Information Security Aspect (examples of competence areas) | Proof of Professional Experience | Remarks of the Certification Body
Please describe your professional experience and knowledge with regard to the following aspects of "Information Security", based on the facts given in your CV (intensity, volume, duration, etc.).
Management system
e.g.
- Establishing an ISMS (completely or partly)
- Practical experience with risk assessment methods
- Risk evaluation/treatment (plan)
- Operation of the management system
- Reviews/auditing of the ISMS (components)
- Improvement plan concerning IS aspects (corrections/preventive measures)
- Preparation of documentation
Page 1 of 9
Information security policy (strategies)
e.g.
- Establishing or supporting any IS policy
- Participation in reviews of the policy
Internal organization
e.g.
- Implementation or maintenance of the IS infrastructure within the organization
- Co-ordination/reporting of information security tasks
- Establishing/implementation of IS-relevant controls
- Membership in specialist committees
- Risk assessment concerning external parties (customers, partners, etc.)
- Liaising with authorities
- Setting up requirements for confidentiality documents
- Participation in independent reviews of IS
Asset management
e.g.
- Ownership of relevant assets or critical information
- Definition of rules for the use of assets
- Conduct of risk assessments for assets
- Definition of the corresponding levels of protection for assets
Human resources security
(before and during employment, at termination/change)
e.g.
- Definition of security aspects for roles or functions (e.g. system administrator, service personnel)
- Clarifying IS concerns when hiring employees (e.g. in interviews for IS-relevant areas)
- Conduct of IS awareness trainings for employees
- Terms and conditions of employment
- Removal of access rights
Physical and environmental security
e.g.
- Design of security perimeters and entry controls
- Implementation of security and monitoring procedures
- Conduct of security checks
- Equipment responsibility (incl. service/maintenance tasks, mobile tools, disposal, etc.), siting and protection of equipment
Communications and operations management
e.g.
- Definition or implementation of (participation in) operating procedures and responsibilities to ensure the correct and secure operation of information processing facilities
- Conduct of capacity planning
- Involvement in change management of information processing facilities/systems
- Participation in system acceptance tests or service evaluations (IS aspects)
- Responsibility for system documentation
- Implementation of virus scanners and firewalls, configuration of mobile code controls
- Implementation/operation of information back-up systems
- Implementation/monitoring of controls for network security
- Handling/safeguarding of information media or significant information (incl. disposal)
- Involvement in service delivery management (e.g. monitoring, review, negotiation)
Access control
e.g.
- Definition of policies and business requirements for access to information, IT systems and networks
- Managing and controlling access rights to information systems
- User password management
- Experience as a user of sensitive information/systems
- Conduct of security trainings for users
- Practical experience in the security of mobile computing and teleworking
- Experience in network management
- Experience in operating system controls (setup of policies and rules, monitoring)
Information systems acquisition, development and maintenance
e.g.
- Definition of security requirements for new systems (for development, change and maintenance)
- Implementation of controls for the secure operation of application systems
- Conception and implementation of cryptographic controls
- Implementation of security controls for development and maintenance processes
- Responsibility for technical vulnerability/patch management
IS incident management
e.g.
- Participation in reporting and management of IS events/incidents
- Analysis and risk assessment of incidents
- Compilation of lessons learned from incidents
- Evidence collection
Business continuity management
e.g.
- Establishing/implementation of emergency plans
- Test and evaluation of emergency scenarios
- Participation in business impact analysis
Compliance with legal and other requirements, security requirements and technical standards
e.g.
- Knowledge of applicable statutory, regulatory and contractual requirements
- Conduct of compliance checks
- Experience in protection of data and intellectual property rights
- Conduct of IS-relevant audits
- Special trainings in legal requirements (e.g. cryptography)
Other aspects with regard to information security
- Experience in using audit tools
- Audits in IT industries
Trainings (IS specific):
Location/Date:
Signature of Applicant: