Expert Advice Community

Documentation content

Guest user Created:   Sep 24, 2018 Last commented:   Sep 24, 2018

  1. I am working through the Statement of Applicability and have found that the Control Objectives listed in the Statement of Applicability do NOT align with those found in the PDF ISO 27001 Controls and Objectives. In the Statement of Applicability it shows the control for A.6.1.2 as Segregation of duties, but then when I go to the PDF for the 27001 Control and Objectives it shows A.6.1.2 Information security coordination.
  2. Based on the response, can you please provide the 2013 Annex A List of Controls and Objectives, as the one I have is 2005 and does not align with the Statement of Applicability in the toolkit.
Expert
Rhand Leal Sep 24, 2018

I am working through the Statement of Applicability and have found that the Control Objectives listed in the Statement of Applicability do NOT align with those found in the PDF ISO 27001 Controls and Objectives.
In the Statement of Applicability it shows the control for A.6.1.2 as Segregation of duties, but then when I go to the PDF for the 27001 Control and Objectives it shows A.6.1.2 Information security coordination.

Control A.6.1.2 Information security coordination is listed in the old 2005 revision of ISO 27001, which was superseded by a new 2013 revision, which is the current one.
In the 2013 version of ISO 27001, control A.6.1.2 refers to Segregation of duties. Considering that, you have to follow the Statement of Applicability document.

Based on the response, can you please provide the 2013 Annex A List of Controls and Objectives, as the one I have is 2005 and does not align with the Statement of Applicability in the toolkit.

I'm sorry, but the ISO 27001 standard is the intellectual property of ISO, and we do not have the license to sell it, as a whole or only some parts.
You can buy this standard at this link: www.iso.org/standard/54534.html
