Closed nelsonic closed 7 years ago
The ISO 27001 Standard defines requirements for the confidentiality, integrity and availability of information systems.
To ensure that both we (the OA team) and our stakeholders (people who use the app for their business-critical information) have confidence in our IT systems, we need to answer all 133 questions in the risk assessment.
Annoyingly, the Standard is not free; instead we have to pay to download it! http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=54534 It costs CHF 118 (£92).
A bit of googling and found: https://trofisecurity.com/assets/img/iso27001-2013.pdf (the full PDF) (best to google if the link is broken when you read this...)
Tutorial videos: http://advisera.com/27001academy/documentation-tutorials/
See: https://github.com/dwyl/ISO-27001-2013-information-technology-security