Expert Advice Community

11.2.8 and 11.2.9

  Quote
Nika Created:   Dec 01, 2020 Last commented:   Dec 02, 2020

11.2.8 and 11.2.9

Hello, dear Advisera support,

I read description of these two controls:  11.2.8 Unattended user equipment and 11.2.9 Clear desk and clear screen policy.  What is the difference? Are they not the same? As I see, the Implementation method for us for these two controls is the same: Clear desk and clear screen policy.

Thank you!

 

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Dec 02, 2020

Please note that while control A.11.2.8 aims at equipment (e.g., computers and mobile devices), control A.11.2.9 has a wider coverage, including papers, removable storage media, and other equipment normally found on workstations (e.g., photocopiers).

In a sense, you can think that control A.11.2.8 can be used to implement a part of control A.11.2.9.

This article will provide you a further explanation about clear desk policy and clear screen policy:

This material will also help you regarding clear desk policy and clear screen policy:

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Dec 01, 2020

Dec 02, 2020

Suggested Topics