Hoda Aliabadi

Implementation of ISMS (ISO 27001) GAP analysis based on ISO 27001 controls and requirements Developing Statement Of Applicability (SOA) Arrange regular ITS department internal audits and management reviews (ISMS, BCMS, Backup procedure) Initiate, follow up and regular review of all ITS policies, procedures and Process IT Security risk assessment based on ISO 27005 Developing and Implementation of Risk Treatment Plan (RTP) Implementation of security awareness program

- Implementation of ISMS (ISO 27001:2005) - Internal Auditing of ISMS based on ISO 27001 - Conducting Information Security Risk assessment based on ISO 27005 - Developing and Implementation of Business Continuity Plan (BCP) - Developing and Implementation of Business Impact Analysis (BIA) - Benchmark between different information security risk management tools and methodologies and customize their tools and improve their threat list.

- ISMS Implementation based on ISO 27001 in power plant and banking sectors - GAP analysis based on ISO 27001 controls and requirements - Conducting Information Security Risk Assessment (Tools and methodology :CRAMM) - Conducting Business Impact Analysis