Secure System Engg Principles
Assign topic to the user
If in your Software Development Life Cycle you have defined that the security is in place in the phases of development (requirements, design, coding, testing, operation), it can be enough for the ISO 27001 (questions about security in the requirements phase, risk assessment during the design phase, secure code during coding phase, etc.)
This webinar about ISO 9001 and ISO 27001 can be interesting for you "ISO 27001 implementation: How to make it easier using ISO 9001" : https://advisera.com/27001academy/webinar/iso-27001-implementation-make-easier-using-iso-9001-free-webinar-demand/ . And also this article "Using ISO 9001 for implementing ISO 27001" : https://advisera.com/27001academy/blog/2010/03/08/using-iso-9001-for-implementing-iso-27001/
Finally, we have a template for this control "14.2.5 Secure system engineering principles" that can help you (you can see a free version clicking on "Free Demo" tab "Secure Development Policy": https://advisera.com/27001academy/documentation/secure-development-policy/
Comment as guest or Sign in
Jan 12, 2016