ISO 17799 Workflow

Overview
The ISO 17799 standard is a good example of today's laws and regulations on the security of information systems.

Implementing this ISO standard is very good preparation for a compliance project.

ISO 17799 includes the following sets of standards:
- Security Policy
- Security Organization
- Asset Classification and Control
- Personnel Security
- Physical and Environmental Security
- Communications and Operations Management
- Access Control
- System Development and Maintenance
- Business Continuity Management
- Compliance

In addition to the technical actions related to ISO 17799, a large number of processes must be implemented.
The WorkflowGen BPM / Workflow software accelerates ISO 17799 certification by automating the processes with the required level of audit trails.

Examples of ISO 17799 processes
ISO 17799 provides guidelines for implementing security management in an enterprise (risk management, definition of security policy, system access control, incident management, audit management, etc.).

The WorkflowGen workflow software can be integrated with enterprise applications such as ERPs, databases and directories to automate human-based tasks.

Here are some examples of processes automated by the WorkflowGen workflow software:
- Analysis and risk management
- Definition of security policy

Personnel security:
- Definition of roles and responsibilities
- Employee clearance process
- New employee
- Employee status change
- Employee termination
- Sanction management

Incident management:
- Incident report
- Analysis and management of an incident
- Corrective action management