Get 4 FREE months of Conformio to implement ISO 27001

Expert Advice Community

Guest

Access Control Policy - Managing Records

  Quote
Guest
Igor Created:   Dec 10, 2024

Access Control Policy - Managing Records

Hi All,

I'm drafting the Access Control Policy in Conformio.

At chapter "4. Managing records kept on the basis of this document" it asks for the management of 2 types of Records.

one is quite clear, it demands the management of an Access Control Review register.

The second one instead is not totally clear to me, what I don't fully understand is if we need to keep a register for only tracking the privileges (access rights granted to roles or users that usually wouldn't have them) or if we need to track every single access given to all the employees on all the used applications.

Can someone suggest what should be tracked?

Thanks in advance

Best Regards

Igor

 

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Comment as guest or Sign in

HTML tags are not allowed

Dec 10, 2024

Dec 10, 2024

Suggested Topics

Guest user Created:   Feb 28, 2022 ISO 27001 & 22301
Replies: 1
0 0

Software Password Storage

Guest user Created:   Feb 04, 2022 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 Expert question

Guest user Created:   Jul 05, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISMS TIER 1 - 4 Documents