Guest
Is 'governance' listed as a control in ISO/IEC 27001 Annex A?
I just want to know if 'governance' is listed as a control in ISO/IEC 27001 Annex A.
Expert
Rhand Leal
Aug 27, 2020
Governance is not listed as a control in ISO/IEC 27001 Annex A, but there are several controls that can help implement governance practices in an organization, such as:
- A.5.1.1 Policies for information security
- A.5.1.2 Review of the policies for information security
- A.6.1.1 Information security roles and responsibilities
- A.18.1.1 Identification of applicable legislation and contractual requirements
This article will provide you with a further explanation about governance and ISO 27001:
- Should information security focus on asset protection, compliance, or corporate governance? https://advisera.com/27001academy/blog/2017/03/13/information-security-focus-asset-protection-compliance-corporate-governance/