The Implementation of Information Security Management Systems
Information Security Management Systems (ISMS) which compliance to MS ISO/IEC 27001:2013 standard at the UPM was established to manage information security systems in accordance with all safety regulations governing information from time to time to ensure all data related to the scope of the ISMS to minimize the incident cases. ISMS is also intended to facilitate the sharing of information in accordance with the operational needs of the Data Centre, UPM. The objective of ISMS is to manage and protect information security in line with the needs and expectations of stakeholders. It emphasizes to the concepts or principles of information security preservation of the confidentiality, integrity and availability. The first stage of the audit was held on 24 October 2012, followed by the Second Stage Audit on 19-20 December 2012. UPM has successfully acquired certification of ISMS certificates numbered AR 5761 on 4 January 2013.
Universiti Putra Malaysia is highly committed in effectively providing and managing of the ISMS via following:
(ISMS policy has been endorsed by the Chairman of the Board of University Directors dated 9 December 2014)
The scopes of the ISMS Certification UPM are identified as follows:
ISMS Impact in UPM
With the availability of the ISMS at UPM, data management and security levels are more manageable and organized. In addition, the development of procedures, guidelines and Statement of Applicability (SOA) on ISMS will help further more systematic way of working. The use of the forms and procedure of the work will facilitate the tracking information at an early stage in case of any untoward incident. Therefore, ISMS has made UPM in a way forward in data management system.
Updated:: 03/02/2016 [uda]