Guide to the Implementation and Auditing of ISMS Controls Based on ISO/IEC 27001
BSI British Standards Institution, 2005 - Business enterprises - 120 pages
Data security, Quality auditing, Data processing, Computers, Management, Data storage protection, Certification (approval), IT and Information Management: Information Security
access control policy access rights activities appropriate Auditing guidance Auditors auditor should check Auditors should ensure authorized aware back-up breaches of confidentiality business continuity plans business requirements certification compliance confidential information confidentiality agreements configuration considered contract contractors and third-party covert channels cryptographic controls cryptographic keys defined definition developed difficult digital signatures documented electronic commerce employees employment equipment external parties files first guidance The organization handling identified identify Implementation guidance information processing facilities information security events information security incidents information security management information security policy information systems integrity and availability involved ISO/IEC 17799 extension logs loss management ISO/IEC misuse mobile code mobile computing modification monitoring necessary operating system organization’s information passwords personnel place to ensure procedures in place records relevant restricted risk assessment secure areas security controls security requirements sensitive information specific staff sufficient technical vulnerabilities teleworking testing third-party users unauthorized access updated