7 2 2 labeling and handling
Assign topic to the user
Gokhan,
First of all, you can exclude this control if you think there are no risks that would require its implementation; second, if you decide to implement this control, there are no strict rules in ISO 27001 that would require you to label physical assets.
However, good practice is to label any physical asset that contains confidential information - e.g. if you have a disk with sensitive data, you should label it; same thing is with some other equipment that carries or processes confidential information. You can learn more in this webinar: ISO 27001 A.7: Asset management & classification https://www.iso27001standard.*****************************
By the way, A.7.2.2 is the control for labeling in old ISO 27001 (2005 revision); in new ISO 27001:2013 this control is now A.8.2.2.
Thank you so much Dejan.
By the way I would like to change my subscription but couldnt manage it on the profile page. could you please help me out?
Comment as guest or Sign in
Jan 12, 2016