Nika Created: Nov 17, 2020 Last commented: Nov 18, 2020

A.6.1.5 Information security in project management

My question is, do we have to consider Information security in project management separately. I mean we have already IT Security policy, and other policies, where we described how to work with information securely. Should it also stay in e.g. Project management Handbook? Or may be we can write in Project management Handbook: you have to follow these policies? Thank you!

Tags: Information security in project management

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Nov 18, 2020

The need to consider Information security in project management separately will depend on the results of risk assessment and applicable legal requirements (e.g., laws, regulations, and contracts).

For example, some projects may require the implementation of technologies not used in your organization at large, so it would not make sense to write a corporate policy. Other projects, by force of contracts, may require that all information security is under project context. In case these situations do not occur, then you can make projects refer to the corporate documents

For additional information, see:

How to manage security in project management according to ISO 27001 A.6.1.5 https://advisera.com/27001academy/blog/2015/07/06/how-to-manage-security-in-project-management-according-to-iso-27001-a-6-1-5/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Nov 17, 2020

Nov 18, 2020

Expert Advice Community