Echo session on managing and securing information using the ISO 27000 standard
|del Mundo of the APO/IRO and Ferrer of the DAP Center for Knowledge Management (center) with DAP colleagues. Photo courtesy of DAP.|
To share the need for information security awareness and good practices of information security management standard setting, the APO Liaison/International Relations Office (APO/IRO) in cooperation with the Development Academy of the Philippines (DAP) Human Resource Development Office organized an echo session for APO grantees on Managing and Securing Information using the ISO 27000 Standard, 29 November 2011, at the DAP office in Pasig City.
Two APO grantees were invited to share their insights from a related APO training course held 17–21 October in Jakarta, Indonesia. Project Officer Jenalyn Ferrer from the DAP Center for Knowledge Management discussed the relevance of information security in today’s information age and provided an overview of information security management systems (ISMS). Project Coordinator and IT/Database Administrator of the APO/IRO Michael John del Mundo discussed the requirements of ISMS ISO 27000 standards from planning to audit. He also explained the ISO 27000 best practices of PT Panasonic Gobel Energy, a major Japanese company based in Indonesia, and other highlights of the APO course.
Attended by 24 DAP technical and administrative personnel, the session featured a lively discussion on the implementation of ISMS in the local setting. The resource speakers explained that the ISMS does not contradict the government transparency policy but instead facilitates the preservation of the integrity and availability of critical information needed by the public. Compared with the public sector, interest in ISMS among local private enterprises, specifically micro SMEs, remains low. Thus it is a challenge for the DAP to promote the adoption of ISMS and raise public awareness of information security management in both sectors. To do so, the DAP must first make itself an example for others to follow. “Top management involvement is important in implementing any productivity and quality initiative such as an ISMS. That is why as part of our action plan, my co-grantee and I will present a proposal to management for the adoption of the ISMS in the DAP next year,” Ferrer concluded.
Contributed by Coordinator Michael John M. del Mundo, APO/IRO, DAP