A.8.1 User end point devices Information stored on, processed by or accessible via user end point devices shall be protected. A.8.2 Privileged access rights The allocation and use of privileged access rights shall be restricted and managed. A.8.3 Information access restriction Access to information and other associated assets shall be restricted in accordance with theContinue reading “A.8 Technological Controls (34 Controls)”
Tag Archives: annexure
A.5 Organizational Controls (37 Controls)
A.5.1 Policies for information security Information security policy and topic-specific policies shall be defined, approved by management, published, communicated to and acknowledged by relevant personnel and relevant interested parties, and reviewed at planned intervals and if significant changes occur. A.5.2 Information security roles and responsibilities Information security roles and responsibilities shall be defined and allocatedContinue reading “A.5 Organizational Controls (37 Controls)”
Control Groups / Annexure
ISO 27001 Controls A.5 Organizational Controls A.6 People Controls A.7 Physical Controls A.8 Technological Controls
