Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

Users and passwords

  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Users and passwords

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
AntonioS Jan 12, 2016

Can you give easy explanation about  
1) A.9.2.2 
2) A.9.2.4 
3) A.9.3.1 
4) A.9.4.3 
Sometimes, i have a little confuse about this
 

Answer:

Sure, I will give you an example for echa one:

1) A.9.2.2 User access provisioning: I give you an user with privileges of read/write to a folder (according to a procedure)
2) A.9.2.4 Management of secret authentication information of users: I give you your password in a secure manner (according with a procedure), for example: the organization needs to verify your identity, the use of external parties or unprotected electronic messages should be avoided, you should acknowledge receipt of secret authentication information, etc.
3) A.9.3.1 Use of secret authentication information: You should follow the organization’s practices in the use of passwords, for example: not share individual user’s secret authentication information, ensure proper protection of passwords, not use the same secret authentication information for business and non-business purposes, etc
4) A.9.4.3 Password management system: You use in your organization a software to manage passwords, for example Active Directory (Windows environments), OpenLDAP (Linux and Windows environments)
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics

Nika Created:   Jan 21, 2021 ISO 27001 & 22301
Replies: 1
0 0

A.9.4.3 Password Management System

Guest user Created:   Nov 10, 2018 ISO 27001 & 22301
Replies: 1
0 0

Security tools