Controls (Annex A) A.5: Information Security Policies – Controlling how policies are written and revised A.6: Information Security Organization – Controls on how responsibilities are assigned; also includes controls for mobile devices A.7: Human Resources Security – Pre-employment, during and after employment controls A.8: Asset management – Asset inventory and acceptable use controls; also for information classification and media […]
ISO 27001 is a standard which helps organizations manage information security. It was published by International Standardization Organization (ISO). The latest revised version is ISO 27001:2013. First version was published in 2005. This standard was developed on British Standards BS 7799-2. Which type of organizations can get certified for ISO 27001? ISO 27001 can be implemented in any […]
This is a weblog series. You are reading first (#1) log of the series. Please follow us regularly to know more about CMMI and to not miss any links in between. We would love to hear your valuable comments and suggestions. Next log of this series will be focussing on what CMMI can be useful for […]