Expert Advice Community

Guest

System/App Retirement & Decommissioning

  Quote
Guest
brianhopla Created:   Aug 22, 2019 Last commented:   Aug 24, 2019

System/App Retirement & Decommissioning

Hi, What would be the most appropriate ISO 27001 control sets relevant to system/app decommissioning? I want to reference them in a procedure document. Thanks, Brian.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 24, 2019
Answer:

For system/app decommissioning you should consider these controls:
- A.8.1.1 Inventory of assets: the inventory of assets should be updated after system/app decommissioning
- A.12.1.2 Change management: system/app decommissioning should be performed in an authorized and controlled manner
- A.14.2.3 Technical review of applications after operating platform changes: after decommission the security of remaining platforms which had interrelation with decommissioned system/app should be evaluated

Please note that the application of these controls should consider the results of risk assessment.
Quote
0 1
Guest
brianhopla Aug 27, 2019
Great answer; thanks.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 22, 2019

Aug 27, 2019