Hello Dejan, I hope you are well and staying safe! with the new norm now, where people are working from home, will the scope of ISO changes or impact for the firms?
Assign topic to the user
This "New normal" can be seen as a change in organizational context and this situation is already considered in ISO management system standards, so standards will not need to change because of this situation.
However, since the "New norm" is a change in organizational context, organizations will need to review how it will impact their management systems and make changes as needed. The coverage and complexity of potentially needed changes will vary according business needs, objectives, and applicable legal requirements related to their management systems.
For example, an organziation can identify that costs related to people working for home are less that keeping them in the office, even when considering addition inIT infrastracture costs, and this can prompt a review in the ISMS. Another example is that governments can issue new laws or regulations about use of personnal data that can impact current privacy controls and processes.
These articles and material will provide you a further explanation about organizational context:
- How to define context of the organization according to ISO 27001 https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/
- Checklist of cyber threats & safeguards when working from home (PDF) https://info.advisera.com/27001academy/free-download/checklist-of-cyber-threats-and-safeguards-when-working-from-home
- How to apply information security controls in teleworking according to ISO 27001 https://advisera.com/27001academy/blog/2021/10/27/how-to-use-iso-27001-to-secure-data-when-working-remotely/
- What to include in an ISO 27001 remote access policy https://advisera.com/27001academy/blog/2019/04/23/iso-27001-remote-access-policy-how-to-develop-it/
Comment as guest or Sign in
Jul 25, 2020