Measuring control effectiveness
Assign topic to the user
Answer: Without relying on an IDS system, the best option to measure the probability of breach, or improvements on security by implementing new controls like 2 factor authentication, would be by performing periodic penetration tests and/or vulnerability assessments. They can provide an snapshot of your situation and help you manage potential risk.
This article will provide you further explanation about penetration test and vulnerability assessment:
- How to use penetration testing for ISO 27001 A.12.6.1 https://advisera.com/27001academy/blog/2016/01/18/how-to-use-penetration-testing-for-iso-27001-a-12-6-1/
- How to manage technical vulnerabilities according to ISO 27001 control A.12.6.1 https://advisera.com/27001academy/blog/2015/10/12/how-to-manage-technical-vulnerabilities-according-to-iso-27001-control-a-12-6-1/
These materials will also help you regarding penetration test and vulnerability assessment:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Apr 11, 2017