On ISO 27001, much of my work now requires an understanding of this standard, the gold plated standard for IT security, well I say gold plated, more accurately reasonable endeavours. I believe that it will become an essential part of the defence to charges that one’s failed to adequately protect data. Nothing new here yet!

Here’ the links on the standard

  1. http://www.iso27001security.com/index.html
  2. http://www.iso27001security.com/html/27002.html#Section12
  3. https://www.iso.org/standard/54534.html
  4. https://en.wikipedia.org/wiki/ISO/IEC_27001:2013
  5. http://www.iso27001security.com/html/27002.html
  6. http://gender.govmu.org/English/Documents/activities/gender%20infsys/AnnexIX1302.pdf
  7. https://www.iso.org/obp/ui/#iso:std:iso-iec:27003:ed-2:v1:en

Today, I am focussing on Operations Security

  1. http://iso27001guide.com/annex-a/operations-security/protection-from-malware/iso-27001-protection-from-malware/

And Applications Security, looking at logging and monitoring

  1. http://www.iso27001security.com/html/27034.html
  2. https://advisera.com/27001academy/blog/2015/11/23/logging-and-monitoring-according-to-iso-27001-a-12-4/
Dave I.T., Technology , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.