Information Security Management System

Only available on StudyMode
  • Download(s) : 533
  • Published : September 13, 2009
Open Document
Text Preview
[pic]

HINDALCO

INFORMATION SECURITY MANAGEMENT SYSTEM IMPLEMENTATION AND CHALLENGES

A study by

Akash Pandey - MBA (IT)

Indian Institute of Information Technology

Allahabad, U.P.

This study is submitted in fulfillment of the requirements for the degree in Master of Business Administration from Indian Institute of Information Technology, Allahabad

June 2008

[pic] INDIAN INSTITUTE OF INFORMATION TECHNOLOGY

(Deemed University)
Jhalwa, Deoghat.
Allahabad.

SUMMER TRAINING CERTIFICATE

This is to certify that Akash Pandey of MBA (IT)/ MSCLIS Batch 2008-10 at Indian Institute of Information Technology, Allahabad has successfully completed his/her Summer Internship during 20th May-30th june 2009.

He has undertaken the project titled Information Security Management System, Implementation and Challenges, at Hindalco Industries Ltd. Renukoot. The Project on evaluation fulfills all the stated criteria and the student’s findings are his/her original work.

I hereby certify his work was excellent/good/satisfactory to the best of my knowledge.

(Internal Guide)

IIIT-Allahabad.

Acknowledgement

I take this opportunity to express my gratitude and thanks to Hindalco Industries Ltd. for providing me with such a great opportunity of pursuing my summer interns at HIL, Renukoot. I would like to acknowledge the contribution and support of staff at Hindalco industries. I am especially thankful to Mr. Gaurav Awasthi and Lalit Khurana Sir, my industrial guide, for their consistent guidance and support throughout the project. Their help in providing timely assistance in the form of material and counsel proved invaluable in carrying out this study.

In the completion of my project, the resources available at Hindalco Industries were also of great help.

Akash Pandey (MBA –IT)

IMB2008019

TABLE OF CONTENTS

➢ Certificate of Approval

➢ Acknowledgement

➢ Table of Figures

➢ Terms and Definitions

➢ Statement of Objective

1. Introduction

1.1 Overview of Hindalco Industries………………………………………………………….13

1.2 Business Description……………………………………………………………………………15

1.3 Major Products and Services……………………………………………………………….19

2. IT in HINDALCO

2.1 IT Infrastructure………………………………………………………………………………….20

2.2 Information Security……………………………………………………………………………22

3. ISO 27001

4.1 What is an ISMS? ....................................................................................23

4.2 ISO/IEC 27001:2005…………………………………………………………………………….25

4.3 Main Points………………………………………………………………………………………...27

4. INFORMATION SECURITY MANAGEMEENT SYSTEM AT HINDALCO

5.1 Current Implementation……………………………………………………………………..30

5.2 Analysis of Current Process………………………………………………………………...37

5.3 Proposed Implementation…………………………………………………………………..40

5. Challenges- Uncertainty and Risks………………………………………………………….49

6. References…………………………………………………………………………………………….50

Table of Figures

Figure 1: LAN structure at Hindalco……………………………………………………………………………..21

Figure 2: WAN structure at Hindalco……………………………………………………………………………21

Figure 3: PDCA Model………………………………………………………………………………………………….24

Figure 4: ISO 27001 Main Process……………………………………………………………………………….30

Figure 5: Define Risk Evaluation………………………………………………………………………………….31

Figure 6: Risk Assessment…………………………………………………………………………………………..32

Figure 7: Vulnerability Analysis……………………………………………………………………………………33

Figure 8: Security Forum…………………………………………………………………………………………….34

Figure 9: Measure Control Effectiveness……………………………………………………….……….. ..35

Figure 10: Root Cause Analysis…………………………………………………………………….…………….36

Figure 11: ISO 27001 New Process...
tracking img