Expert Advice Community

Guest

Doubts about A.14.2.5

  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Doubts about A.14.2.5

0 0

Assign topic to the user

Assign

ISO 27001 SECURE DEVELOPMENT POLICY

Basic rules for secure development of software and systems.

ISO 27001 SECURE DEVELOPMENT POLICY

Basic rules for secure development of software and systems.

Guest
AntonioS Jan 12, 2016

Can you please help us and provide some detailed information as to what should be covered in A.14.2.5 of ISO 27002:2013.
 

Answer:

Sure, I will give you information about this. If you see the “Implementation guidance” of the control 14.2.5 in the ISO 27002:2013, you can read this: “Security should be designed into all architecture layers (business, data, applications and technology) balancing the need for information security with the need for accessibility”. So, this control is related to the large information system design, which also include the software development. 
If you need a template to implement this control, this can be interesting for you (you can see a free version clicking on “Free Demo” tab) “Secure Development Policy": https://advisera.com/27001academy/01academy/emy/ademy/my/documentation/secure-development-policy/ 
And also this template can be interesting for you “Operating Procedures for Information and Communication Technology” :  https://advisera.com/27001academy/01academy/emy/ademy/my/documentation/security-procedures-for-it-department/
Please, let us know if you need more information about this control.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics

Guest user Created:   Jul 20, 2021 ISO 27001 & 22301
Replies: 1
0 0

Question about BIA form

Guest user Created:   Jul 12, 2021 ISO 27001 & 22301
Replies: 1
0 0

Question about training

Guest user Created:   Jun 29, 2021 ISO 27001 & 22301
Replies: 1
0 0

Question about A.7.1.2