Guest
Requirement from ISO 27001 for calibration
Is there any specific requirement from ISO 27001 for calibration?
Expert
Rhand Leal
Sep 02, 2019
If yes, how does a "software development" company do calibration? We don't use any tools or machines. Just PCs.
Answer:
ISO 27001 does not prescribe requirements for calibration, but information security requirements from the organization itself, or from third parties, may define the need for calibration to be included in the software under development.
For example, for biometric-based access control software, you need to perform calibration during development to ensure the proper degree of confidence in biometric readings, as well as make this feature available for software users to adjust the system when needed (e.g., when new hardware is used).
In this case, to ensure such requirements are identified and handled properly, you can apply the control A.14.1.1 Information security requirements analysis and specification.
This article will provide you with further explanation about the software development life cycle:
- How to integrate ISO 27001 A.14 controls into the system/software development life cycle (SDLC) https://advisera.com/27001academy/how-to-integrate-iso-27001-controls-into-the-system-software-development-life-cycle-sdlc/