Expert Advice Community

Guest

ISMS controls refer to Finance

  Quote
Guest
Guest user Created:   Jun 18, 2020 Last commented:   Jun 18, 2020

ISMS controls refer to Finance

Would you be able to advise what controls refer to Finance as in a finance dept?
0 0

Assign topic to the user

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.

Expert
Rhand Leal Jun 18, 2020

Broadly speaking, you can consider these controls:

  • A.6.1.2 Segregation of duties
  • A.8.2.1 Classification of information
  • A.8.2.3 Handling of assets
  • A.13.2.1 Information transfer policies and procedures
  • A.13.2.2 Agreements on information transfer

But please note that ISO 27001 Annex A approach to grouping controls is not related to specific processes or business units, but to security objectives to be achieved.

Considering that, without the results of risk assessment and the identification of applicable legal requirements (e.g., laws, regulations, and contracts), it is not possible to define controls specific for finance.

These articles will provide you a further explanation about the identification of requirements and risk assessment:

These materials will also help you regarding the identification of requirements and risk assessment:

Quote
0 0
Guest
Paula Jun 18, 2020

Many thanks Rhand for your quick response - very helpful 

 

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 18, 2020

Jun 18, 2020