Expert Advice Community

Home / ISO 27001 & 22301 / Access control policy: A.9.2.3

Guest

Access control policy: A.9.2.3

ISO 27001 & 22301
  Quote
Guest
isocert Created:   Jan 11, 2018 Last commented:   Jan 15, 2018

Access control policy: A.9.2.3

ISO 27001 & 22301
Hello, My company bought the documentation of the Access Control Policy. At which part is control A.9.2.3 covered in this document? Yours sincerely, Tom van Ruitenbeek
0 0

Assign topic to the user

ISO 27001 ACCESS CONTROL POLICY

Define the rules for access to various systems.

ISO 27001 ACCESS CONTROL POLICY

Define the rules for access to various systems.
Guest
isocert Jan 15, 2018

Dear consultants,
Is there any info to answer this topic?
Thanks in advance,
Tom

Quote
0 0
Expert
Rhand Leal Jan 16, 2018

The control A.9.2.3 (Management of privileged access rights) is covered in sections 3.4 (Privilege management) and 3.5 (Regular review of access rights).

This article will provide you further explanation about access control:
- How to handle access control according to ISO 27001 https://advisera.com/27001academy/blog/2015/07/27/how-to-handle-access-control-according-to-iso-27001/

This material will also help you regarding access control:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 11, 2018

Jan 16, 2018

Suggested Topics
Guest user Created:   Jul 26, 2019 ISO 27001 & 22301
Replies: 1
0 0

Access control policy and password policy
Igor Created:   Dec 10, 2024 ISO 27001 & 22301
Replies: 0
0 0

Access Control Policy - Managing Records
Igor Created:   Dec 09, 2024 ISO 27001 & 22301
Replies: 0
0 0

Access Control Policy - Map Job titles to User Profiles