Expert Advice Community

Scope of information security

Guest user Created:   Dec 04, 2018 Last commented:   Dec 04, 2018

Does the ISMS include information security for hardcopies? For example, if the company collects hardcopy application forms containing PII, are the risk controls applicable to handling information security for the application forms? Many people seem to consider that the ISMS only covers security for removable media or electronic formats. Can you share your views?

Expert
Rhand Leal Dec 04, 2018

Answer:

An ISMS compliant with ISO 27001 means protecting information in all the formats in which it exists, so if you have the same information in digital and hardcopy format, you have to evaluate risks for both formats and apply security controls properly to each format.

These articles will provide you further explanation about ISO 27001:
- ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/

These materials will also help you regarding ISO 27001:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- Security Awareness Training: https://advisera.com/training/awareness-session/security-awareness-training/ - this is a series of 25 videos that cover various topics related to security.
