ISO 27001 ISMS LA

The ISO/IEC 27001:2022 international standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.

ISO 27001 Annex : A.12.6  Technical Vulnerability Management


ISO 27001 Annex : A.12.6 Technical Vulnerability Management. Its objective is to prevent technical vulnerabilities from being exploited. A.12.6.1 Management of Technical Vulnerabilities. Control: Information on technical vulnerabilities of the information systems in use should be obtained in a timely manner, the exposure of the organization to such vulnerabilities should be assessed and appropriate measures taken to …


ISO 27001 Annex : A.12.5  Control of Operational Software


ISO 27001 Annex : A.12.5 Control of Operational Software. Its objective is to ensure operating system integrity. A.12.5.1 Installation of Software on Operational Systems. Control: To control the installation of software on operating systems, procedures should be implemented. Implementation Guidance: To control changes in software on operational systems, the following guidelines should be considered: Trained …


ISO 27001 Annex : A.12.3  Backup


ISO 27001 Annex : A.12.3 Backup. Its objective is to safeguard against data loss. A.12.3.1 Information Backup. Control: In accordance with the agreed backup policy, copies of records, program and device images shall be collected and regularly tested. Implementation Guidance: The organization’s information, software, and systems backup requirements should be established with a backup …


ISO 27001 Annex : A.12.2  Protection from Malware


ISO 27001 Annex : A.12.2 Protection from Malware. Its objective is to ensure that malware protection is provided to information and information processing facilities. A.12.2.1 Controls Against Malware. Control: In combination with appropriate user awareness, detection, prevention, and recovery controls to protect against malware should be implemented. Implementation Guidance: Malware protection should be supported by …


ISO 27001 Annex : 12 Operations Security


This article on ISO 27001 Annex : 12 Operations Security explains Operational Procedures and Responsibilities, Documented Operating Procedures, Change Management & Separation of Development, Testing and Operational Environments. A.12.1 Operational Procedures and Responsibilities. Its objective is to ensure that information processing facilities operate correctly and securely. A.12.1.1 Documented Operating Procedures. Control: Operating procedures should be documented …


ISO 27001 Annex : A.11.2.7 Secure Disposal or Re-use of Equipment, A.11.2.8  Unattended User Equipment & A.11.2.9  Clear Desk and Clear Screen Policy


This article explains ISO 27001 Annex : A.11.2.7 Secure Disposal or Re-use of Equipment, A.11.2.8 Unattended User Equipment & A.11.2.9 Clear Desk and Clear Screen Policy. A.11.2.7 Secure Disposal or Re-use of Equipment. Control: To avoid the removal or overriding of sensitive data and software by the disposal or reuse of any device containing …


ISO 27001 Annex : A.11.2.4  Equipment Maintenance, A.11.2.5  Removal of Assets & A.11.2.6  Security of Kit and Assets Off-Premises


This article explains ISO 27001 Annex : A.11.2.4 Equipment Maintenance, A.11.2.5 Removal of Assets & A.11.2.6 Security of Kit and Assets Off-Premises. A.11.2.4 Equipment Maintenance. Control: To ensure its continued availability and integrity, the equipment should be correctly maintained. Implementation Guidance: The following equipment maintenance guidelines should be taken into account: Equipment should …


ISO 27001 Annex : A.11.1.3 Securing Offices, Rooms and Facilities, A.11.1.4 Protecting Against External and Environmental Threats, A.11.1.5 Working in Secure Areas & A.11.1.6 Delivery and Loading Areas


This article explains ISO 27001 Annex : A.11.1.3 Securing Offices, Rooms and Facilities, A.11.1.4 Protecting Against External and Environmental Threats, A.11.1.5 Working in Secure Areas & A.11.1.6 Delivery and Loading Areas. A.11.1.3 Securing Offices, Rooms and Facilities. Control: Physical security should be designed and implemented for the offices, rooms, and facilities. Implementation Guidance: The following …


ISO 27001 Annex : A.11.2 Equipment


ISO 27001 Annex : A.11.2 Equipment. Its objective is to avoid loss, damage, theft, or compromise of assets and disruption of the organization's operations. A.11.2.1 Equipment Siting and Protection. Control: To mitigate the risk of environmental hazards, risks, and unauthorized access, the equipment should be sited and secured. Implementation Guidance: To protect equipment, the …

