Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Cybermedica has just contracted you to assist the Chief Information Security Officer ( CISO ) in designing the company's Information Security Management System ( ISMS

Cybermedica has just contracted you to assist the Chief Information Security Officer (CISO) in designing the company's Information Security Management System (ISMS) based on the ISO27001 Information Security Framework. As an expert in information security and cryptography, you are invited to prepare a report for the CISO addressing key points raised during meetings. This report will focus on providing a comprehensive approach to securing Cybermedica's operations, assets, and infrastructure.
The company has four major departments;
Research and Development (R&D) department specialising in automated statistical
analysis with offices in UK (London) and Greece (Athens),
Manufacturing Department specialising in designing hardware for wearables in
China,
Information Security and Technology Department that is responsible for the in-house
infrastructure as well as the cloud-based infrastructure hoste
d in Amazon Web
Services (AWS) in two locations USA and EU (Ireland),
Legal, Accounting, Billing and Invoicing department based in Cyprus (UK).
a) List the 10 most critical operations of DigiHealth and Co;
b) Define the scope according to the ISO27001 framework;
c) Identify 10 critical assets of the company and conduct a risk assessment for
each asset by identifying 2 possible threats and 2 possible vulnerabilities for
each threat for each asset.
You should include the following columns in your risk assessment table: name
of the asset, threat, vulnerability, current situation, impact, likelihood, risk,
suggested controls, residual risks.
In the current situation you are free to imagine any scenario that you would
like, e.g. the servers data are encrypted with outdated encryption
algorithms.
d) Identify 10 policies according to ISO27001 that you plan to launch and for
each policy define 2 metrics that can be used to measure their effectiveness
(Refer to ISO27001/Annex A).
Please provide me with a complete solution and make the excel file too with the columns aswell. Follow the steps step by step. Thank you.

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Databases Demystified

Authors: Andrew Oppel

1st Edition

0072253649, 9780072253641

More Books

Students also viewed these Databases questions