Guest
Creating two separate password policies?
We are developing “password policy” now and have question about it: There is only password policy for users among the templates. Is there any requirements by ISO 27001 for separate password policy for privileged users (like admin, root and etc.) or we can combine them?
Assign topic to the user
Expert
Dejan Kosutic
Sep 15, 2016
Answer: ISO 27001 does not require you to separate password policies for different types of users/employees - therefore, you can create a single document for this purpose. In bigger and very complex companies it might make sense to have separate policies for this purpose.
Comment as guest or Sign in
Sep 15, 2016
Sep 15, 2016
Sep 15, 2016