Expert Advice Community

Home / ISO 27001 & 22301 / 13.1.2 Security of network services

Guest

13.1.2 Security of network services

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Apr 02, 2016 Last commented:   Apr 02, 2016

13.1.2 Security of network services

ISO 27001 & 22301
I think I have just not understood what is required........ My client network is completely managed by a supplier..... what should my client do to comply to this control....?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Dejan Kosutic Apr 02, 2016

Answer:

The process is very similar as with other assets - you have to assess the risks related to the network and find appropriate controls. Some of the controls you might apply yourself, and some controls you might outsource to a supplier - this is what you have to state in Statement of Applicability. Make sure you specify all the obligations of this supplier in the agreement.

These article might help you:
- The importance of Statement of Applicability for ISO 27001 https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 02, 2016

Apr 02, 2016

Suggested Topics
Guest user Created:   Jun 02, 2020 ISO 27001 & 22301
Replies: 1
0 0

Query on Annex A Controls - IS027001
Guest user Created:   Sep 16, 2021 ISO 27001 & 22301
Replies: 1
0 0

Risk register
Guest user Created:   Oct 15, 2020 ISO 27001 & 22301
Replies: 3
0 0

Help with ISO 27001 implementation