ISO 27002 compatibility
Assign topic to the user
Answer: In fact the questions is in the other way around, is IBM QRadar SIEM (a technical implementation) compatible with ISO 27002 (a guidance of best practices)?
According to manufacturer information (https://www.ibm.com/us-en/marketplace/ibm-qradar-siem) IBM QRadar SIEM:
-Provides real-time visibility to the entire IT infrastructure to threat detection and prioritization
- Reduces and prioritizes alerts to focus security analyst investigations on an actionable list of suspected, high probability incidents
- Enables more effective threat management while producing detailed data access and user activity reports
- Produces detailed data access and user activity reports to help manage compliance
- Offers multi-tenancy and a master console to help managed service providers provide security intelligence solutions in a cost-effective manner
These features do help comply with controls of ISO 27002 like 12.4 Logging and monitoring, 12.6 Technical vul nerability management, 16.1 Management of information security incidents and improvements, but for a precise answer information about specific parameters of this tool and ISO 27002 controls applied should be analysed.
- Logging and monitoring according to ISO 27001 A.12.4 https://advisera.com/27001academy/logging-according-to-iso-27001/
- How to manage technical vulnerabilities according to ISO 27001 control A.12.6.1 https://advisera.com/27001academy/blog/2015/10/12/how-to-manage-technical-vulnerabilities-according-to-iso-27001-control-a-12-6-1/
- How to handle incidents according to ISO 27001 A.16 https://advisera.com/27001academy/blog/2015/10/26/how-to-handle-incidents-according-to-iso-27001-a-16/
Comment as guest or Sign in
May 19, 2017