SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Use promo code:
SPRING30

Expert Advice Community

Home / ISO 27001 & 22301 / ISO 27001 query

Guest

ISO 27001 query

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Jan 13, 2022 Last commented:   Jan 13, 2022

ISO 27001 query

ISO 27001 & 22301
I have a question. For an organization that having servers on premise and on cloud, to comply with 12.4.4 Clock synchronization: All systems should be configured with the same time and date. Which servers in the cloud that should have the same time as the servers on premise: SaaS DaaS IaaS or none of the cloud should sync?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Rhand Leal Jan 13, 2022

I’m assuming that by DaaS you mean Device as a Service.

Normally, control A.12.4.4 applies only to on-premise servers because these are the servers you fully control. If your risk assessment or requirements ask that both on-premise and cloud servers need to be synchronized, then regardless of the environment or cloud model, to be compliant with control 12.4.4 all servers in the same security domain (i.e., under the influence of the same controls) need to be synchronized to a single reference time source.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 13, 2022

Jan 13, 2022

Suggested Topics
Guest user Created:   Mar 01, 2023 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 query
Guest user Created:   Jun 14, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 query
Guest user Created:   Apr 24, 2023 ISO 27001 & 22301
Replies: 1
0 0

Query on ISO 27001:2022 SOA