ISO 27001 security aspects for logical security
What important aspects of ISO 27001 can I include for logical security in a company in which I work?
First, it is important to note that, to follow the logic of ISO 27001 to apply security controls, you first have to perform a risk assessment to identify which information security risks are more relevant to your company's context. Without this assessment, you may apply unnecessary controls while not implementing relevant controls.
Considering that, controls related to the most common risks raised in a risk assessment regarding logical security are:
- Access control
- Backup
- Network segregation
- Clear desk and clear screen
- Controls against malware
These articles will provide you with further explanation about selecting controls and structuring documents:
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
- How to structure the documents for ISO 27001 Annex A controls https://advisera.com/27001academy/blog/2014/11/03/how-to-structure-the-documents-for-iso-27001-annex-a-controls/
Oct 08, 2019