What is ISO 27001?
The main requirements of the standard are covered in clauses 4.1 through 10.2.
Annex A then lists the controls that you may, with justification, choose to apply
when working on risk assessment and management; these are covered in sections A.5 through A.18.
ISO 27001 requirements
4.1   Understanding the organisation and its context
4.2   Understanding the needs and expectations of interested parties
4.3   Determining the scope of the information security management system
4.4   Information security management system
5.1   Leadership and commitment
5.2   Information security policy
5.3   Organizational roles, responsibilities and authorities
6.1   Actions to address risks and opportunities
6.2   Information security objectives and planning to achieve them
7.1   Resources
7.2   Competence
7.3   Awareness
7.4   Communication
7.5   Documented information
8.1   Operational planning and control
8.2   Information security risk assessment
8.3   Information security risk treatment
9.1   Monitoring, measurement, analysis and evaluation
9.2   Internal audit
9.3   Management review
10.1  Nonconformity and corrective action
10.2  Continual improvement
ISO 27001 Annex A Controls
A.5   Information security policies
A.6   Organisation of information security
A.7   Human resource security
A.8   Asset management
A.9   Access control
A.10  Cryptography
A.11  Physical and environmental security
A.12  Operations security
A.13  Communications security
A.14  System acquisition, development, and maintenance
A.15  Supplier relationships
A.16  Information security incident management
A.17  Information security aspects of business continuity management
A.18  Compliance
Ready to work according to ISO 27001:2013?