Expert Advice Community

Home / ISO 27001 & 22301 / Vulnerabilities understanding

Guest

Vulnerabilities understanding

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Aug 01, 2017 Last commented:   Aug 01, 2017

Vulnerabilities understanding

ISO 27001 & 22301
Can vulnerabilities always be viewed as the lack of respective controls? what is your opinion?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Rhand Leal Aug 01, 2017

Answer: No. Vulnerabilities are weaknesses that also may be result of improper implementation of an otherwise well designed project (e.g., a safe made of a defective alloy) or a control misconfiguration (e.g., a password policy that enforces alphanumeric characters but limits the size to a small value).

This article will provide you further explanation about vulnerabilities:
- How to manage technical vulnerabilities according to ISO 27001 control A.12.6.1 https://advisera.com/27001academy/blog/2015/10/12/how-to-manage-technical-vulnerabilities-according-to-iso-27001-control-a-12-6-1/

These materials will also help you regarding vulnerabilities:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 01, 2017

Aug 01, 2017

Suggested Topics
Guest user Created:   Nov 18, 2021 ISO 27001 & 22301
Replies: 1
0 0

Some wondering on the use of the risk management registry
Guest user Created:   Sep 24, 2021 ISO 27001 & 22301
Replies: 1
0 0

Documentation of requirements