Guest user Created: Jul 20, 2022 Last commented: Jul 20, 2022

Revision to 27002 question

I read with great interest your Blog on the Revision Changes to 27002. Is it perhaps possible to share with me as to whether EACH Control will refer to the required Elements as well as the 5 Control Attributes in relation to determining appropriate Process guidelines?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Jul 20, 2022

Please note that the elements (Attribute, Control, Purpose, Guidance, and Other information) are part of each control and that each control is referred to at least one element in the five control attributes. So, by electing one attribute to sort the controls, you can group them according to each element they cover.

For example, control 5.1 Policies for Information Security, in its attribute Control type is classified as preventive, while control 7.4 Physical Security Monitoring in its attribute Control type is classified as preventive and detective.

Considering that, you can work these controls together considering that you can develop a Physical Security Monitoring Policy (a preventive measure), which can define rules for implementing CCTV monitoring and motion sensors for detection of unauthorized access (a detective measure).

For more detailed information about the ISO 27002 revision, please download this free white paper:

What are the new security controls in ISO 27002:2022? https://info.advisera.com/27001academy/free-download/overview-of-new-security-controls-in-iso-27002/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jul 20, 2022

Expert Advice Community