Guest
Secure Development Policy
I am looking at implementing a Secure Development Policy. Our ISO 27001 pack contains:
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Expert
Rhand Leal
Jun 12, 2019
- A.14_Secure_Development_Policy_Premium_EN
- A.14.1_Appendix_1_Specification_of_Information_System_Requirements_Pre mium_EN
This refers to various controls A.14.2.x which are not in the pack which are also referenced from https://advisera.com/27001academy/blog/2018/04/24/how-to-use-open-web-application-security-project-owasp-for-iso-27001/ which was posted last year. How do I get access to these, please?
Answer:
If you note on section 2 (Reference Documents) of the Secure Development Policy, except for control A.14.2.4 (Restrictions on changes to software packages) all other controls mentioned in the article are covered by this policy. These are the control from ISO 27001 covered by this policy: A.14.1.2, A.14.1.3, A.14.2.1, A.14.2.2, A.14.2.5, A.14.2.6, A.14.2.7, A.14.2.8, A.14.2.9 and A.14.3.1
Control A.14.2.4 is covered by template Security Procedures for IT Department, located in folder 08_Annex_A_Security_Controls A.12_Operations_Security
- A.14.1_Appendix_1_Specification_of_Information_System_Requirements_Pre mium_EN
This refers to various controls A.14.2.x which are not in the pack which are also referenced from https://advisera.com/27001academy/blog/2018/04/24/how-to-use-open-web-application-security-project-owasp-for-iso-27001/ which was posted last year. How do I get access to these, please?
Answer:
If you note on section 2 (Reference Documents) of the Secure Development Policy, except for control A.14.2.4 (Restrictions on changes to software packages) all other controls mentioned in the article are covered by this policy. These are the control from ISO 27001 covered by this policy: A.14.1.2, A.14.1.3, A.14.2.1, A.14.2.2, A.14.2.5, A.14.2.6, A.14.2.7, A.14.2.8, A.14.2.9 and A.14.3.1
Control A.14.2.4 is covered by template Security Procedures for IT Department, located in folder 08_Annex_A_Security_Controls A.12_Operations_Security
Comment as guest or Sign in
Jun 12, 2019
Jun 12, 2019
Jun 12, 2019