Requirement of relevant control of iso, Risk Management

Assignment Help:

Question:

For each of the situations below:-

(a) Mention most relevant clause of ISO 27001:2005

(b) Whether the practice followed in the organization is appropriate and implemented as per the requirement of relevant control of ISO 27001. If not, indicate the deviation

S1 An organization has planned to take third party service for managing its enterprise resource planning software. It also expects that the contracted supplier shall attend the problem within an hour the complaint is lodged to the party. How the organization ensures its requirements are taken care of by the third party and which control of ISO 27001 is applicable?

S2 A large organization has outsourced the data centre activities to a well known supplier. All the possible requirements as identified in terms of SLA and non-disclosure agreement as required, have been entered in the contract as part of ISMS implementation in the organization. The outsourced supplier is also responsible to change the system data and only intimation is given to the parent organization. No control is available with the parent organization before or during change.

S3 The organization's policy calls for only one user with super user right. The Network Administrator went on study leave for 1 yr. and the Network Supervisor was made an adhoc administrator and allotted the super user rights. After joining of the Network Administrator from leave, both of them continued with super user rights.

S4 An organization wants to dispose of 100 old Pentium PC's and to get new model P IV 2.6 GHz in exchange. What steps should it take to meet the requirement of ISO 27001: 2005?


Related Discussions:- Requirement of relevant control of iso

Objectives of risk communication, Objectives of risk communication The ...

Objectives of risk communication The fundamental goal of risk communication, as you may have realized, is to provide meaningful, relevant and accurate information, in  clear  a

What is a safe system of work, Question 1: Employers should conduct pro...

Question 1: Employers should conduct proper health risk assessment in order to identify and control health risks before they lead to losses. Describe the four stages involved i

Discuss the application of the actuarial control cycle, Question 1: (i)...

Question 1: (i) Define the following by giving an example: (a) Systemic risk (b) Diversifiable risk (ii) List and describe briefly the different types of ri

Explain extension and contraction risk, Question 1 (a)  Prepayment r...

Question 1 (a)  Prepayment refers to paying principal on a security before the due date. Prepayment risk is the risk associated with the early unscheduled return of principal

describe a risk-free strategy and delta-hedging position, Explain how you ...

Explain how you would hedge a short position in a European (plain vanilla) call with six  weeks to maturity if the spot price is 60, the strike is 65 and σ = 0.3, r=0.1. You rehedg

Systematic risk, Systematic Risk Systematic risk is any risk which affe...

Systematic Risk Systematic risk is any risk which affects the value of a huge number of assets; therefore, each asset will have a various degree of sensitivity to the underlyin

Liquidity risk managment, how to write the literature review on liquidity r...

how to write the literature review on liquidity risk management and supervision

Defined contributionm, managing risks in investing defined contribution fun...

managing risks in investing defined contribution funds

Beta- measure of systematic risk, Beta- measure of systematic risk for an i...

Beta- measure of systematic risk for an investor who holds the shares of one company, it is total variance that is more relevant. But for most usual active investor who wishes to d

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd