Access control over Risk Assessment and Treatment Tables
Assign topic to the user
Answer: Risk assessment and treatment tables should be accessed only by those who need to know them to plan, implement, monitor and improve controls to protect information. So, only a few people should have access to them, since most of organization's people will be users, with not active participation on controls management.
This article will provide you further explanation about access control:
- How to handle access control according to ISO 27001 https://advisera.com/27001academy/blog/2015/07/27/how-to-handle-access-control-according-to-iso-27001/
These materials will also help you regarding access control:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Apr 10, 2017