Save 20% on accredited ISO 27001 course exams.
Limited-time offer – ends July 18, 2024
Use promo code:
EXAM20

Expert Advice Community

Guest

Secure Development Policy

  Quote
Guest
Guest user Created:   Jun 12, 2019 Last commented:   Jun 12, 2019

Secure Development Policy

I am looking at implementing a Secure Development Policy. Our ISO 27001 pack contains:
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 12, 2019

- A.14_Secure_Development_Policy_Premium_EN
- A.14.1_Appendix_1_Specification_of_Information_System_Requirements_Pre mium_EN
This refers to various controls A.14.2.x which are not in the pack which are also referenced from https://advisera.com/27001academy/blog/2018/04/24/how-to-use-open-web-application-security-project-owasp-for-iso-27001/ which was posted last year. How do I get access to these, please?

Answer:

If you note on section 2 (Reference Documents) of the Secure Development Policy, except for control A.14.2.4 (Restrictions on changes to software packages) all other controls mentioned in the article are covered by this policy. These are the control from ISO 27001 covered by this policy: A.14.1.2, A.14.1.3, A.14.2.1, A.14.2.2, A.14.2.5, A.14.2.6, A.14.2.7, A.14.2.8, A.14.2.9 and A.14.3.1

Control A.14.2.4 is covered by template Security Procedures for IT Department, located in folder 08_Annex_A_Security_Controls A.12_Operations_Security

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 12, 2019

Jun 12, 2019

Suggested Topics