Security controls review
Answer: ISO 27001 does not prescribe how many times you need to review security controls, so you must define this periodicity based on the criticality of processes, the results of risk assessments, recorded incidents and previous audit results (both internal and external).
This article will provide you with further explanation about measuring and monitoring:
- How to perform monitoring and measurement in ISO 27001 https://advisera.com/27001academy/blog/2015/06/08/how-to-perform-monitoring-and-measurement-in-iso-27001/
These materials will also help you regarding measuring and monitoring:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Mar 23, 2018