Expert Advice Community

Guest

Vulnerability Assessment & Penetration Testing policy

  Quote
Guest
Guest user Created:   Sep 30, 2021 Last commented:   Sep 30, 2021

Vulnerability Assessment & Penetration Testing policy

I can't find Vulnerability Assessment & Penetration Testing policy. I don't see it included in A.12.1_Security_Procedures_for_IT_Department_27001_EN.

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 30, 2021

The vulnerability management and penetration test are not mandatory documents according to ISO 27001, nor are they documents commonly adopted by organizations (most of them rely on outsourced services for this purpose), so it is not included in the toolkit, to avoid unnecessary effort to manage the ISMS. If you understand that this document is important to your organization, you can schedule a meeting with one of our experts so he can help you to develop such a document.

These articles will provide you a further explanation about vulnerability management:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 30, 2021

Sep 30, 2021

Suggested Topics

Guest user Created:   May 30, 2022 ISO 27001 & 22301
Replies: 3
0 0

Risk assessment question

Guest user Created:   May 08, 2022 ISO 27001 & 22301
Replies: 3
0 0

HIPAA & ISO27001