4/5/2023

SOX ISO 27001 mapping diagram

The 27001 standard does not mandate specific information security controls, but it provides a checklist of controls that should be considered in the accompanying code of practice, ISO/IEC. The standard requires cooperation among all sections of an organisation. The specification includes details for documentation, management responsibility, internal audits, continual improvement, and corrective and preventive action. Select control objectives and controls to be implemented.

The specification defines a six-part planning process:

ISO/IEC 27001 is an information security standard, part of the ISO/IEC 27000 family of standards, of which the last version was published in 2013.

According to its documentation, ISO 27001 was developed to 'provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system.' ISO 27001 uses a top-down, risk-based approach and is technology-neutral.