Expert Advice Community

ISO 27001 and scrum

Guest user Created:   Sep 20, 2019 Last commented:   Sep 20, 2019

Hi, I wonder if you can share views or references regarding ISO 27001 compliance efforts for companies adopting Agile SCRUM for software development. I'd love to know an ISO 27001 auditor's view on that as well.

Expert
Rhand Leal Sep 20, 2019

ISO 27001 does not prescribe methods for secure software development, so organizations are free to adopt the approach that better fills their needs, and provided the adopted approach fulfills the standard's requirements, auditors will be OK with it. Unfortunately, we do not have details about the use of SCRUM in software development in ISO-certified organizations, but regarding ISO 27001 implementation, it is an approach as useful and effective as any other project management framework.

These articles will provide you with a further explanation about Scrum and information security, and about ISO 27001 and controls in the software development life cycle:
- How to use Scrum for the ISO 27001 implementation project https://advisera.com/27001academy/blog/2017/03/27/how-to-use-scrum-for-the-iso-27001-implementation-project/
- How to integrate ISO 27001 A.14 controls into the system/software development life cycle (SDLC) https://advisera.com/27001academy/blog/2017/01/24/how-to-integrate-iso-27001-a-14-controls-into-the-system-software-development-life-cycle-sdlc/
