System access by the security guard
Assign topic to the user
Answer:
I am not sure what do you mean with security guards, but generally in an ISMS the CISO is responsible for the coordination of all activities related to the securing the information in a company, so, from my point of view, in your case, the CISO should define the access control policy, and in accordance with this policy, an expert technical (or any other person with sufficient knowledge about how to implement technically the access control policy) could give access to the system to the different employees.
This article can help you "How to handle access control according to ISO 27001" : https://advisera.com/27001academy/blog/2015/07/27/how-to-handle-access-control-according-to-iso-27001/
And our online course can be also interesting for you because we give more information about the ISMS and the access control “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Jul 14, 2016