Expert Advice Community

Guest

Early preparation for ISO 27001

  Quote
Guest
Guest user Created:   May 08, 2020 Last commented:   May 08, 2020

Early preparation for ISO 27001

Hello Dejan and team. We are a start-up based in ***. We are just about to start coding our software-as-a-service solution. While it is not a top priority initially, we expect that we will later seek ISO 27001 certification later. What are the key considerations we should bear in mind as we embark on the development process, such that we have the preparatory work in place to ease the ISO 27001 process later?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 08, 2020

The key considerations related to ISO 27001 you should take into account at this moment are:

  • identification of legal requirements (e.g., laws, regulations and contracts) related to software development and provision you need to comply with 
  • performing a risk assessment

These two items are core for ISO 27001, and even if you are not going for implementation of ISO 27001, they can help you include controls to make your process less susceptible to information security incidents (e.g., controls from Annex A related to software acquisition and maintenance).

These articles will provide you a further explanation about these topics:

This course will help you in learning about ISO 27001:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 08, 2020

May 08, 2020