iso 27001 control a.12.1,a.12.2 & a.12.3 - by software outsourcing company in india
TRANSCRIPT
iFour ConsultancyISO 27001 Control A.12.1 , A.12.2 & A.12.3 Operations Security
ASP.NET software companies India http://www.ifourtechnolab.com1
A.12. Operations Security
A.12.1 Operational Procedures and Responsibilities
A.12.2 Protection from Malware
A.12.3 - Backup
ASP.NET software companies India
http://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com2
A.12.1 Operational Procedures and ResponsibilitiesA 12.1.1 Documented Operating Procedures
Installation and Configuration of Systems
Scheduling and Interdependency of Systems
Exception and Error Handling
Media Handling Instruction
Escalation Contacts
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com3
A.12.1 Operational Procedures and ResponsibilitiesA 12.1.2 Change Management
Identification and RecordingPlanning and TestingImpact AnalysisApproval ProcessVerificationFall-Back ProceduresEmergency Provision
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com4
A.12.1 Operational Procedures and ResponsibilitiesA 12.1.3 Capacity Management
Deletion
Decommission
Optimize
Restrict
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com5
A.12.1 Operational Procedures and ResponsibilitiesA 12.1.4 SoD, Testing and Operational Environments
Transfer Rules
Separation between Development and Operations
Testing
Accessibility for compilers, editors and other development tools
Sensitive Data
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com6
A.12.2 Protection from MalwareA 12.2.1 Controls Against Malware
Prohibit the use of Unauthorized Software
Prevent-Detect Suspected Malicious Websites
Reduced Vulnerability
Installation and Regular Updates
Isolation of Environment
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com7
A.12.3 BackupA 12.3.1 Information Backup
Backup Copies and Restoration ProceduresThe Extent and Frequency of BackupsLocation of BackupPhysical and Environmental ProtectionRegular Tests on Backup MediaEncryption of Backup
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com8
References
https://workshare.fogbugz.com/?W398#toc_50
ISO/ IEC : 27001 / 2013
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com9
Thanks
ASP.NET software companies Indiahttp://www.ifourtechnolab.com
ASP.NET software companies India http://www.ifourtechnolab.com10