LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

Filling toolkit templates

  Quote
Guest
Guest user Created:   Nov 13, 2018 Last commented:   Nov 13, 2018

Filling toolkit templates

1. Is “Confidentiality level “ mandatory to mentioned it in documents ,or I can remove it ?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Nov 13, 2018

Answer:

Labeling can be adapted to organization needs, so you can remove it, but you have to consider that without label the risks may increase, because it will be more difficult for people to identify the sensitivity of information and how to handle them properly. An alternative may be to have only two classification levels and label only the most sensitive information. This way you will reduce the need to label information.

For more information, see: Information classification according to ISO 27001 https://advisera.com/27001academy/blog/2014/05/12/information-classification-according-to-iso-27001/

2. About document “A.9 access control “ in 08 annex A, can you guide us how to fill user profile section?

Answer:

Here is an example for user profile:
Name of system: Payroll module
User rights: Include records and edit records
Job titles have access rights according to this profile:
• Payroll analyst

Name of system: Payroll module
User rights: Delete records
Job titles have access rights according to this profile:
• Payroll manager

Name of system: Payroll module
User rights: View records
Job titles have access rights according to this profile:
• All employees

Network: Internal network
User rights: Upload and download files
Job titles have access rights according to this profile:
• All employees
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 13, 2018

Nov 13, 2018

Suggested Topics

Guest user Created:   Jan 19, 2018 ISO 27001 & 22301
Replies: 1
0 0

Filling toolkit templates

Guest user Created:   Jun 10, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 implementation

Guest user Created:   Apr 27, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 implementation