The primary role of Security Management & Best Practices (SMBP) department is to drive information security management based on ISO/IEC 27001:2005 Information Security Management System (ISMS) for CyberSecurity Malaysia.
This includes planning, developing, implementing and monitoring ISMS such as information security risk management, information security awareness programmes, information security management review, development of information security policies and procedures and Business Continuity Management (BCM). We are also entrusted to deliver trainings and awareness talks related to ISMS to external organisations.
In addition, we also develop information security guidelines and best practices for the public with a view to assist them in securing their information security environment.
We also contribute towards standardisation development in areas of information security; both locally and internationally.
We would like to invite you to visit our published guidelines and best practices.