Harshala J

ISO 27001 Annex : A.8.2.2 Labeling of Information & A.8.2.3 Handling of Assets

ISO 27001 Annex : A.8.2.2 Labeling of Information & A.8.2.3 Handling of Assets

ISO 27001 Annex : A.8.2.2 Labeling of Information & A.8.2.3 Handling of Assets is based on ISO in this article these two topic has been explained. A.8.2.2 Labeling of Information Control- A.8.2.2 Labeling of Information In accordance with the information classification scheme adopted by the organization an adequate set of methods for labeling information should …

ISO 27001 Annex : A.8.2.2 Labeling of Information & A.8.2.3 Handling of Assets Read More »

ISO 27001 Annex : A.8.2 Information Classification

ISO 27001 Annex : A.8.2 Information Classification

ISO 27001 Annex : A.8.2 Information Classification Its objective is To ensure that the information is properly secured, in accordance with its significance to the organization. A.8.2.1 Classification of Information Control- Information should be classification the basis of their legal provisions, criticality, and vulnerability to unwanted release or alteration Implementation Guidance- Classifications and associated information …

ISO 27001 Annex : A.8.2 Information Classification Read More »

ISO 27001 Annex : A.8 Asset Management

ISO 27001 Annex : A.8 Asset Management

A.8.1 Responsibility for Assets ISO 27001 Annex : A.8 Asset Management Its objective is to identify and establish acceptable security responsibilities for the organization’s assets . A.8.1.1 Inventory of Assets Control- Assets related to information and information facilities of an organization should be identified and listed, inventory of these assets should also be maintained. Implementation …

ISO 27001 Annex : A.8 Asset Management Read More »

ISO 27001 Annex : A.7.3 Termination and Change of Employment

ISO 27001 Annex : A.7.3 Termination and Change of Employment

ISO 27001 Annex : A.7.3 Termination and Change of Employment Its objective is to safeguard the interests of the organization as part of the adjustment or termination of employment. A.7.3.1 Termination or change of Employment Responsibilities Control- Responsibility and information security requirements that continue to be valid following termination or change of employment must be …

ISO 27001 Annex : A.7.3 Termination and Change of Employment Read More »

ISO 27001 Annex : A.7.2 During Employment

ISO 27001 Annex : A.7.2 During Employment

ISO 27001 Annex : A.7.2 During Employment Its objective is to make sure that employees and contractors are conscious of and fulfill their information security responsibilities. A.7.2.1 Management Responsibilities Control- Management should mandate all employees and contractors to exercise information security in accordance with established policies and procedures set by the organization. Implementation Guidance- Responsibilities …

ISO 27001 Annex : A.7.2 During Employment Read More »

ISO 27001 Annex : A.7 Human Resource Security

ISO 27001 Annex : A.7 Human Resource Security

A.7.1  Prior to Employment ISO 27001 Annex : A.7 Human Resource Security Its object is to make sure both employees and vendors recognize their duties and are suitable for their positions. A.7.1.1  Screening Control- Background verification checks on all job applicants will be performed in compliance with applicable rules, legislation, and ethics and should be proportionate …

ISO 27001 Annex : A.7 Human Resource Security Read More »

ISO 27001 Annex :  A.6.2 Mobile Devices and Teleworking

ISO 27001 Annex : A.6.2 Mobile Devices and Teleworking

ISO 27001 Annex : A.6.2 Mobile Devices and Teleworking its objective is to ensure the security of teleworking and the use of mobile devices. A.6.2.1  Mobile Device Policy  Control- To manage the risks introduced by the use of mobile devices, a policy and supporting safety measures should be adopted.  Implementation Guidance- Special care should be …

ISO 27001 Annex : A.6.2 Mobile Devices and Teleworking Read More »

ISO 27001 Annex : A.6 Organization of Information Security

ISO 27001 Annex : A.6 Organization of Information Security

6.1 Internal Organization ISO 27001 Annex : A.6 Organization of Information Security its object is to establish a management framework for initiating and controlling the implementation and functioning of information security within the organization. 6.1.1 Information Security Roles and Responsibilities Control- All responsibilities related to information security should be well defined and assigned. Implementation Guidance- …

ISO 27001 Annex : A.6 Organization of Information Security Read More »

ISO 27001 Annex : A.5 Information Security Policies

ISO 27001 Annex : A.5 Information Security Policies

5. 1  Management direction for information security ISO 27001 Annex : A.5 Information Security Policies, Its objective is to provide management guidance and information security assistance in accordance with business requirements and relevant laws and regulations. 5.1.1 Policies for Information Security Control-  A set of information security policies should be established, managed accepted, published and …

ISO 27001 Annex : A.5 Information Security Policies Read More »

ISO 27001 Clause 10.2 Continual Improvement

ISO 27001 Clause 10.2 Continual Improvement

Required Activity ISO 27001 Clause 10.2 Continual Improvement, The organization continually improves the suitability, adequacy and effectiveness of the ISMS. Why organization needs to have continual improvement? Organizations are never static, nor their contexts. In addition, the threats to the information systems, and the ways in which they can be compromised, are rapidly changing. At …

ISO 27001 Clause 10.2 Continual Improvement Read More »

Open Whatsapp chat
Whatsapp Us
Chat with us for faster replies.