If I do pen test, which controls from Annex A can be covered?
Assign topic to the user
Answer: Unfortunately, out of 114 controls from Annex A, with penetration testing your would partially cover only the control A.12.6.1 "Management of technical vulnerabilities." And I say partially because pen testings wouldn't be enough to cover this control completely.
See also these articles:
- How to use penetration testing for ISO 27001 A.12.6.1 https://advisera.com/27001academy/blog/2016/01/18/how-to-use-penetration-testing-for-iso-27001-a-12-6-1/
- How to manage technical vulnerabilities according to ISO 27001 control A.12.6.1 https://advisera.com/27001academy/blog/2015/10/12/how-to-manage-technical-vulnerabilities-according-to-iso-27001-control-a-12-6-1/
Comment as guest or Sign in
Apr 15, 2016