LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

Information and Cloud security policies

  Quote
Guest
Guest user Created:   Feb 16, 2017 Last commented:   Feb 16, 2017

Information and Cloud security policies

Can you please explain the difference between Information security policy and cloud security policy?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 16, 2017

Answer: Information security policy is related to a top management definition of what it wants to achieve with information security in a broader sense, providing the framework for managing the ISMS, while the cloud security policy narrows the focus, considering the definition of what it wants the ISMS to achieve with information security in cloud environments. In terms of implementation, you can have the Cloud Security Policy as a section in the Information Security Policy or as a completely separated document.

This article will provide you further explanation about Information and Cloud security:
- ISO 27001 vs. ISO 27017 – Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/
- What should you write in your Informati on Security Policy according to ISO 27001? https://advisera.com/27001academy/blog/2016/05/30/what-should-you-write-in-your-information-security-policy-according-to-iso-27001/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 16, 2017

Feb 16, 2017

Suggested Topics