Smartphones in an ISMS environment

Guest user Created: Feb 25, 2019 Last commented: Feb 25, 2019

If we allow smartphones inside our office environment, how can we get compliance fulfilled for ISO 27001? What procedure do we need to implement to get compliant?

Expert
Rhand Leal Feb 25, 2019

Answer:

First of all, you have to perform a risk assessment to identify which risks related to smartphones you have to treat, and which legal requirements (e.g. clauses of contracts, laws or regulations) you have to fulfill. After that you have to identify proper controls to be implemented. In general, to protect smartphones and other mobile devices you have to consider the following controls:
- A.6.2.1 Mobile device policy
- A.6.2.2 Teleworking
- A.13.2.1 Information transfer policies and procedures
- A.13.2.3 Electronic messaging

Normally these are implemented through a BYOD policy. You can see what it looks like at this link: https://advisera.com/27001academy/documentation/bring-your-own-device-byod-policy/

This article will provide you with further explanation about the BYOD policy:
- How to write an easy-to-use BYOD policy compliant with ISO 27001 https://advisera.com/27001academy/blog/2015/09/07/how-to-write-an-easy-to-use-byod-policy-compliant-with-iso-27001/