Implementing ISO 27001 A12.1.1 Security Requirements Analysis and Specification

lufaso

#1
Hi,
about ISO 27001, control A12.1.1 Security requirements analysis and specification...

How do you implement this control? How can I show conformity?

Any help will be appreciated...
 

Richard Regalado

Trusted Information Resource
#3
Sorry for the late reply.

This control is pretty straightforward. As this is information security, the standard is saying that when you design systems, security should be part of the design and analysis stage. Not after. During the design stage the following should be considered:

1. who can access?
2. how to validate access?
3. if passwords, how long? complexity rules? expiration?

ISO/IEC 27002 provides a long list of guides for ISMS controls.
 