In the BYOD Policy and the Secure development policy there are documents that are mentioned in the table such as "Procedures for secure information system engineering" and "Testing plan for security requirements and system acceptance" where can we find these documents?
Assign topic to the user
Such procedures and testing plans can greatly vary according to organizations requirements (i.e., organizations may have different requirements for system engineering and system acceptance), so it is unfeasible to develop templates to cover every possible scenario, and our recommendation, in this case, is that each organization develop their own documentation.
For further information, see:
- What are secure engineering principles in ISO 27001:2013 control A.14.2.5? https://advisera.com/27001academy/blog/2015/08/31/what-are-secure-engineering-principles-in-iso-270012013-control-a-14-2-5/
- How to integrate ISO 27001 A.14 controls into the system/software development life cycle (SDLC) https://advisera.com/27001academy/how-to-integrate-iso-27001-controls-into-the-system-software-development-life-cycle-sdlc/
Comment as guest or Sign in
Sep 22, 2021