Expert Advice Community

Guest

10.1.2 Key management

  Quote
Guest
Guest user Created:   Oct 05, 2021 Last commented:   Oct 05, 2021

10.1.2 Key management

I wanted to ask how I can check annex 10.1.2 Key management during the internal audit session what's needed to be satisfied these requirements.

0 0

Assign topic to the user

ISO 27001 & ISO 22301 PREMIUM DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 & ISO 22301 PREMIUM DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Oct 05, 2021

To audit control 10.1.2 Key management you need to identify the defined requirements for generating, storing, archiving, retrieving, distributing, retiring, and destroying keys. Once these are identified you can start verifying if the implemented processes are being performed according to the requirements.

Examples of evidence are:

  • requests for key generation
  • records of key delivery to users
  • records of key revocation

This article will provide you further explanation about key management:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 05, 2021

Oct 05, 2021