Mention most relevant clause of iso 27001:2005, Computer Network Security

Assignment Help:

QUESTION

(In this question, you will need to use the ISO 27001:2005 and ISO 27002:2005 standards)

For each of the situations below, comment on the following:

1. Mention most relevant clause of ISO 27001:2005

2. Whether the practice followed in the organization is appropriate and implemented as per the requirement of relevant control of ISO 27001

3. If not, indicate the deviation.

Situation A

An organization wants to dispose its old PC's and to get new ones in exchange. What steps should it take to meet the requirement of ISO 27001: 2005?

Situation B

An organisation which is ISO 27001 certified has a back-up policy which calls for sending by courier on a weekly basis a copy of its latest back up media for storage offsite. What requirements must the organisation meet to be compliant with ISO 27001?


Related Discussions:- Mention most relevant clause of iso 27001:2005

Explain the security service - confidentiality, Question: (a) Explain t...

Question: (a) Explain the following security services: Confidentiality, Availability. (b) Which attack will be used to bypass even the best physical and logical security m

Documenting the results of risk assessment, Documenting the Results of Risk...

Documenting the Results of Risk Assessment The goal of this process is to recognize the information assets, list them, and rank according to those most required protection. The

What you understand by the term brute force attack, Question: a) Expla...

Question: a) Explain what you understand by the term brute force attack, giving an example of such an attack b) Briefly outline the concept of Caesar cipher and identify a

Cost benefit analysis (cba)-information security, Cost Benefit Analysis (CB...

Cost Benefit Analysis (CBA) The common approach for information security controls is economic feasibility of implementation. CBA is begun by evaluating the worth of assets which

Security analysis-information security, SECURITY ANALYSIS Overview •    ...

SECURITY ANALYSIS Overview •    Know yourself: examine, identify, and understand the information and systems which are currently in place •    Know the enemy: examine, identify,

Data classification and management, Data Classification and Management C...

Data Classification and Management Corporate and military organizations use a several of classification schemes. Information owners are responsible for classifying information a

Packet filtering firewall-stateless packet filtering, Stateless Packet Filt...

Stateless Packet Filtering Stateless or static packet filtering is the most straightforward kind of packet filtering that allows or disallows data transfer based on the addres

Find the capacity of the wcdma, Question: (a) Describe the term interfe...

Question: (a) Describe the term interference in the space, time, frequency, and code domain. (b) Consider a 1 G - AMPS: 824-849 MHz (forward) ; 869-894 MHz (reverse). B

Pinging a web server, Ask quIf you are pinging a web server from a user’s c...

Ask quIf you are pinging a web server from a user’s client PC, how might the statistical information provided by ping be useful to you?estion #Minimum 100 words accepted#

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd