implementation

Annex A.8.2.2 Labeling of Information

ISO 27001 Annex : A.8.2 Information Classification

Leave a Comment / ISO 27001 La, Knowledge Base / By

ISO 27001 Annex : A.8.2 Information Classification Its objective is To ensure that the information is properly secured, in accordance with its significance to the organization. A.8.2.1 Classification of Information Control- Information should be classification the basis of their legal provisions, criticality, and vulnerability to unwanted release or alteration Implementation Guidance- Classifications and associated information security measures will also include regulatory standards, which take into account market demands for information sharing or restriction. Assets other …

ISO 27001 Annex : A.8.2 Information Classification Read More »

ISO-27001-Annex-A.8-Asset-Management

ISO 27001 Annex : A.8 Asset Management

Leave a Comment / ISO 27001 La, Knowledge Base / By

A.8.1 Responsibility for Assets ISO 27001 Annex : A.8 Asset Management Its objective is to identify and establish acceptable security responsibilities for the organization’s assets . A.8.1.1 Inventory of Assets Control- Assets related to information and information facilities of an organization should be identified and listed, inventory of these assets should also be maintained. Implementation Guidance- An organization will identify important assets in the information lifecycle, and document their importance. The life-cycle of information should …

ISO 27001 Annex : A.8 Asset Management Read More »

ISO-27001-Annex : A.6-Organization-of-Information-Security

ISO 27001 Annex : A.6 Organization of Information Security

Leave a Comment / ISO 27001 La, Knowledge Base / By

6.1 Internal Organization ISO 27001 Annex : A.6 Organization of Information Security its object is to establish a management framework for initiating and controlling the implementation and functioning of information security within the organization. 6.1.1 Information Security Roles and Responsibilities Control- All responsibilities related to information security should be well defined and assigned. Implementation Guidance- Allocation of information security responsibilities should be carried out in compliance with information security policies (Refer A.5.1.1). Responsibilities for the …

ISO 27001 Annex : A.6 Organization of Information Security Read More »

Information-security-risk-treatment

ISO 27001 Clause 6.1.3 Information security risk treatment

1 Comment / ISO 27001 La, Knowledge Base / By

Information-security-risk-treatment Required activity The organization defines and applies an information security risk treatment process.  Implementation Guideline Information security risk treatment is that the overall process of choosing risk treatment options, determining appropriate controls to implement such options, formulating a risk treatment plan and obtaining approval of the Risk treatment plan by the Risk owner(s).All steps of the knowledge security risk treatment process also because the results of its application are retained by the organization as …

ISO 27001 Clause 6.1.3 Information security risk treatment Read More »

overview-of-cyber-security-frameworks

Overview of Cyber security Frameworks

Leave a Comment / CyberSecurity / By

Cyber security Framework provides a policy framework of computer security guidance for how private sector organizations can assess and improve their ability to prevent, detect, and respond to cyber attacks. Overview Overview of Cyber security Frameworks has been in limelight for over few years due to the continual cyber attacks that are happening. Well allow us to understand what Cyber-Security is normally and perceive what’s the most use of its implementation. Cyber security is nothing however a typical method, a bunch of technologies …

Overview of Cyber security Frameworks Read More »