Operating procedures for IT Management
Assign topic to the user
There are some domains of control that are not related to IT. Example: A.7 Human Resource Security and A.15 Supplier relationships. But A.12 is directly related with IT because has controls about backups, malware, monitoring, technical vulnerabilities, etc.
Remember that there are a list of documentes that you need to be compliant with ISO 27001, and one of this is related to the control A.12.1.1 Operating procedures for IT management. To see this list, please read this article (you also can see a list of Non-mandatory documents) List of mandatory documents required by ISO 27001 (2013 revision): https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/
Comment as guest or Sign in
Jan 12, 2016