Expert Advice Community

Guest

ISO 27001 and SOC

  Quote
Guest
Guest user Created:   Dec 22, 2018 Last commented:   Dec 22, 2018

ISO 27001 and SOC

I want to know ISO 27001 clauses or controls related to SOC(Security Operation Center). Or questions that can be asked in isms audit related to SOC.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Dec 22, 2018

Answer:

The main functions of a SOC are to monitor, detect, investigate, and respond to cyber threats. Considering that, the most probable ISO 2700 controls you have to consider for SOC are controls from sections A.12.4 Logging and monitoring, A.12.6 Technical vulnerability management, A.13.1 Network security management, and A.16.1 Management of information security incidents and improvements.

Regarding possible questions, I suggest you to take a look at these sections in our ISO 27001 Gap Analysis Tool at this link: https://advisera.com/27001academy/free-iso-27001-gap-analysis-tool/

These articles will provide you further explanation about controls from these sections:
- Logging and monitoring according to ISO 27001 A.12.4 https://advisera.com/27001academy/blog/2015/11/23/logging-and-monitoring-according-to-iso-27001-a-12-4/
- How to use penetration testing for ISO 27001 A.12.6.1 https:/ /advisera.com/27001academy/blog/2016/01/18/how-to-use-penetration-testing-for-iso-27001-a-12-6-1/
- How to manage technical vulnerabilities according to ISO 27001 control A.12.6.1 https://advisera.com/27001academy/blog/2015/10/12/how-to-manage-technical-vulnerabilities-according-to-iso-27001-control-a-12-6-1/
- Using Intrusion Detection Systems and Honeypots to comply with ISO 27001 A.13.1.1 network controls https://advisera.com/27001academy/blog/2016/07/04/using-intrusion-detection-systems-and-honeypots-to-comply-with-iso-27001-a-13-1-1-network-controls/
- How to handle incidents according to ISO 27001 A.16 https://advisera.com/27001academy/blog/2015/10/26/how-to-handle-incidents-according-to-iso-27001-a-16/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Dec 22, 2018

Dec 22, 2018

Suggested Topics

Guest user Created:   Jul 01, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 and SOC1

Guest user Created:   Jan 19, 2017 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 and SOC