Guest
Information Systems Audit Control
I would like to know exactly how to implmeent The control 15.3.1 of ISO 27001 (Information systems audit controls)
Is it about logging users activities on systems ?
thanks in advance
Assign topic to the user
Control A.15.3.1 you refer to is from the old 2005 revision of ISO 27001 - in new 2013 revision almost the same control exists under A.12.7.1.
This control is not about logging user activities; this control is on how to plan the audits of your information systems in order to minimize the disruption to business processes; in other words, you have to perform your audits carefully, in order not to corrupt your operational systems.
By the way, you'll find the best guidance in the ISO 27002 standard.
Comment as guest or Sign in
Jan 12, 2016
Jan 12, 2016
Jan 12, 2016