Harshala J, Author at Infocerts LLP

ISO 27001 Annex : A.12.2 Protection from Malware

ISO 27001 Annex : A.12.2 Protection from Malware It’s objective is ensuring that malware protection is provided to information and information processing facilities. A.12.2.1 Controls Against Malware Control- In combination with appropriate user awareness, the detection, prevention, and recovery controls to protect against malware should be implemented. Implementation guidance Malware protection should be supported by …

ISO 27001 Annex : A.12.2 Protection from Malware Read More »

ISO 27001 Annex : 12 Operations Security

ISO 27001 Annex : 12 Operations Security in this article explain Operational procedures and responsibilities, Documented Operating Procedures, Change Management & Separation of Development, Testing and Operational Environments. A.12.1 Operational procedures and responsibilities Its objective is to ensure that information processing facilities operate correctly and securely. A.12.1.1 Documented Operating Procedures Control-Operating procedures should be documented …

ISO 27001 Annex : 12 Operations Security Read More »

ISO 27001 Annex : A.11.2.7 Secure Disposal or Re-use of Equipment, A.11.2.8 Unattended User Equipment & A.11.2.9 Clear Desk and Clear Screen Policy

Leave a Comment / ISO 27001 ISMS LA, Knowledge Base / By Harshala J

In this article explain ISO 27001 Annex : A.11.2.7 Secure Disposal or Re-use of Equipment, A.11.2.8 Unattended User Equipment & A.11.2.9 Clear Desk and Clear Screen Policy A.11.2.7 Secure Disposal or Re-use of Equipment Control- To avoid the removal or overriding of sensitive data and software by the disposal or reuse of any device containing …

ISO 27001 Annex : A.11.2.7 Secure Disposal or Re-use of Equipment, A.11.2.8 Unattended User Equipment & A.11.2.9 Clear Desk and Clear Screen Policy Read More »

ISO 27001 Annex : A.11.2.4 Equipment Maintenance, A.11.2.5 Removal of Assets & A.11.2.6 Security of Kit and Assets Off-Premises

Leave a Comment / ISO 27001 ISMS LA, Knowledge Base / By Harshala J

In this article is explained ISO 27001 Annex : A.11.2.4 Equipment Maintenance, A.11.2.5 Removal of Assets & A.11.2.6 Security of Kit and Assets Off-Premises. A.11.2.4 Equipment Maintenance Control- To ensure its continued availability and integrity, the equipment should be correctly maintained. Implementation Guidance- The following equipment maintenance guidelines should be taken into account: Equipment should …

ISO 27001 Annex : A.11.2.4 Equipment Maintenance, A.11.2.5 Removal of Assets & A.11.2.6 Security of Kit and Assets Off-Premises Read More »

ISO 27001 Annex : A.11.1.3 Securing Offices, Rooms and Facilities, A.11.1.4 Protecting Against External and Environmental Threats, A.11.1.5 Working in Secure Areas & A.11.1.6 Delivery and Loading Areas

Leave a Comment / ISO 27001 ISMS LA, Knowledge Base / By Harshala J

In this article explained ISO 27001 Annex : A.11.1.3 Securing Offices Rooms and Facilities, A.11.1.4 Protecting Against External and Environmental Threats, A.11.1.5 Working in Secure Areas, A.11.1.6 Delivery and Loading Areas. A.11.1.3 Securing Offices, Rooms and Facilities Control- Physical security should be designed and implemented for the offices, rooms, and facilities. Implementation Guidance- The following …

ISO 27001 Annex : A.11.1.3 Securing Offices, Rooms and Facilities, A.11.1.4 Protecting Against External and Environmental Threats, A.11.1.5 Working in Secure Areas & A.11.1.6 Delivery and Loading Areas Read More »

ISO 27001 Annex : A.11.2 Equipment

Leave a Comment / ISO 27001 ISMS LA, Knowledge Base / By Harshala J

ISO 27001 Annex : A.11.2 Equipment Its objective is to avoid loss, damage, theft, or compromise of assets and disrupt the operations of the organization. A.11.2.1 Equipment Siting and Protection Control- To mitigate the risk of environmental hazards, risks, and unauthorized access, the equipment should be sited and secured. Implementation Guidance- To protect equipment, the …

ISO 27001 Annex : A.11.2 Equipment Read More »

ISO 27001 Annex : A.11 Physical and Environmental Security

Leave a Comment / ISO 27001 ISMS LA, Knowledge Base / By Harshala J

ISO 27001 Annex : A.11 Physical and Environmental Security in this article explain Secure areas, Physical Security Perimeter and Physical Entry Controls. A.11.1 Secure areas Its objective is to avoid unauthorized physical access, damage and interference with the organization’s information and information processing facilities. A.11.1.1 Physical Security Perimeter Control- Security perimeters should be established in …

ISO 27001 Annex : A.11 Physical and Environmental Security Read More »

ISO 27001 Annex : A.10 Cryptography

Leave a Comment / ISO 27001 ISMS LA, Knowledge Base / By Harshala J

ISO 27001 Annex : A.10 Cryptography in this article explaining Cryptographic controls, Policy on the Utilization of Cryptographic Controls & Key Management. A.10.1 Cryptographic controls Its objective is to ensure the proper and efficient use of cryptography to protect the confidentiality, authenticity and/or integrity of the information. A.10.1.1 Policy on the Utilization of Cryptographic Controls …

ISO 27001 Annex : A.10 Cryptography Read More »

ISO 27001 Annex : A.9.4.4 Use of Privileged Utility Programs & A.9.4.5 Access Control to Program Source Code

Leave a Comment / ISO 27001 ISMS LA, Knowledge Base / By Harshala J

In this article ISO 27001 Annex : A.9.4.4 Use of Privileged Utility Programs & A.9.4.5 Access Control to Program Source Code this two topics are explain. A.9.4.4 Use of Privileged Utility Programs Control- The use of utility programs that could bypass system and application controls should be limited and tightly controlled. Implementation Guidance- The following …

ISO 27001 Annex : A.9.4.4 Use of Privileged Utility Programs & A.9.4.5 Access Control to Program Source Code Read More »

ISO 27001 Annex : A.9.4 System and Application Access Control

Leave a Comment / ISO 27001 ISMS LA, Knowledge Base / By Harshala J

ISO 27001 Annex : A.9.4 System and Application Access Control Its objective is to put a stop to unauthorized access to systems and applications. A.9.4.1 Information Access Restriction Control- Access to information and application system functions should be limited in compliance with the policy on access control. Implementation Guidance- Access controls should be based on …

ISO 27001 Annex : A.9.4 System and Application Access Control Read More »

Upcoming Training :- ISO27001 LA T. D.:-18th, 19th, & 24th, 25th, 26th Jan 2025.

Harshala J