Guest
Data Integrity
One question I had in regards to the security clauses was, how does the ISO 27001 ensure us data integrity?
Assign topic to the user
Expert
Rhand Leal
Apr 21, 2020
ISO 27001 makes use of a systematic management approach to help organizations:
- identify information security risks that can promise information confidentiality, integrity or availability (based on their context, objectives and interested parties needs)
- define proper controls to treat relevant risks (based on controls from Annex A, as well as from other sources of controls if needed), and expected information security performance results (i.e. information security objectives)
- periodically evaluate information security performance
- implement corrections and/or improvements based on achieved results
Regarding controls specifically related to protection of information integrity, these are some examples:
- A.10.1 Cryptographic controls
- A.12.5.1 Installation of software on operational systems
- A.9.4.4 Use of privileged utility programs
- A.12.1.2 Change management
These articles will provide you further explanation about ISO 27001:
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
- Where to start from with ISO 27001 https://advisera.com/27001academy/knowledgebase/iso-27001-where-to-start-most-important-materials/
These materials will also help you regarding ISO 27001:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Apr 21, 2020
Apr 21, 2020
Apr 21, 2020