December 31, 2009

New look for 2010?

Good morning folks,

I hope you are doing well. There are only a few hours left before we move to 2010, so let me wish you and your family a happy new year full of health and fun :)

Based on the recommendations of a few followers, I have decided to personalize my blog to provide you with a better reading experience.  I will stick to a simple style and limit as much as possible the use of gadgets.

I hope you will enjoy the changes!

Cheers,
Martin Dion (CISSP/CISM)
ISO:27001 Lead Auditor & Trainer
CTO @ Above Security

December 25, 2009

Editorial Calendar

Starting Q1-2010, I will try to publish at least two training sessions per month. I am planning to deliver 30- to 60-minute capsules based on the following monthly editorial calendar:
  1. ISO family of standards, why use a standardized framework, the ISO:27001 standard and structure, the certification process
  2. ISO:27001 Clause 4 – ISMS requirements overview, defining the scope, document & record management, minimal documentation requirements
  3. Defining roles and responsibilities, planning the ISMS implementation project
  4. Risk management, risk analysis and the statement of applicability (SOA)
  5. ISO:27001 Clause 5 – Management responsibilities, sample ISO:27001 management awareness training
  6. ISO:27001 Clause 6 – Internal audits, building an internal audit program
  7. ISO:27001 Clause 7 – Management reviews, sample agenda
  8. ISO:27001 Clause 8 – Continuous improvement, root cause analysis, corrective & preventive action plans
  9. Annex A control objectives (A.5 to A.10)
  10. Annex A control objectives (A.11 to A.15)
  11. Other standards useful for ISMS implementation and business improvement: ISO20000/BS25999/PCI-DSS/ISO9001 overview
  12. Integrating and unifying multiple management systems to prevent redundancy and improve efficiency
If you have any requests or recommendations, please do not hesitate to comment!

Martin Dion (CISSP/CISM)
ISO:27001 Lead Auditor & Trainer
CTO @ Above Security

Launching my Blog

Good day all,

My name is Martin Dion. I am an information security professional located in Switzerland with over 15 years of experience, specializing in ISO:27001, PCI-DSS and governance initiatives.

I am the co-founder and Chief Technology Officer at Above Security, an information security management consulting firm with head office in Canada serving customers in over 22 countries.

I hold various certifications such as CISSP, CISM, ISO:27001 Lead Auditor/Implementer & Trainer (RABQSA) and also ISO:20000 Lead Auditor.

Over the past few years, most of my engagements have focused on helping clients implement an ISMS (information security management system) and teaching formal 27001 lead auditor and implementation classes.

I am currently writing a book on the subject and decided to create a series of training video capsules and a blog within which I will publish the relevant links and supporting papers.

Thanks in advance for your time and comments, and I hope you will enjoy the posts and training capsules over the next twelve months.

Martin Dion (CISSP/CISM)
ISO:27001 Lead Auditor & Trainer