Guest post Created: Jan 12, 2016 Last commented: Jan 12, 2016

7 2 2 labeling and handling

Dear dejan, for the documents and the assets (laptops, printers faxes etc) have to be labeled physically ? I mean do I have to type a label and stick on the assets that they are confidential? Thank you so much for your guidence

0 0

Assign topic to the user

Select user

Guest

DejanK Jan 12, 2016

Gokhan,

First of all, you can exclude this control if you think there are no risks that would require its implementation; second, if you decide to implement this control, there are no strict rules in ISO 27001 that would require you to label physical assets.

However, good practice is to label any physical asset that contains confidential information - e.g. if you have a disk with sensitive data, you should label it; same thing is with some other equipment that carries or processes confidential information. You can learn more in this webinar: ISO 27001 A.7: Asset management & classification https://www.iso27001standard.*****************************

By the way, A.7.2.2 is the control for labeling in old ISO 27001 (2005 revision); in new ISO 27001:2013 this control is now A.8.2.2.

Quote

0 0

Guest

Guest post Jan 12, 2016

Thank you so much Dejan.

By the way I would like to change my subscription but couldnt manage it on the profile page. could you please help me out?

Quote

0 0

Guest

DejanK Jan 12, 2016

Sure, our support will contact you shortly.

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community