Requirement of relevant control of iso, Risk Management

Assignment Help:

Question:

For each of the situations below:-

(a) Mention most relevant clause of ISO 27001:2005

(b) Whether the practice followed in the organization is appropriate and implemented as per the requirement of relevant control of ISO 27001. If not, indicate the deviation

S1 An organization has planned to take third party service for managing its enterprise resource planning software. It also expects that the contracted supplier shall attend the problem within an hour the complaint is lodged to the party. How the organization ensures its requirements are taken care of by the third party and which control of ISO 27001 is applicable?

S2 A large organization has outsourced the data centre activities to a well known supplier. All the possible requirements as identified in terms of SLA and non-disclosure agreement as required, have been entered in the contract as part of ISMS implementation in the organization. The outsourced supplier is also responsible to change the system data and only intimation is given to the parent organization. No control is available with the parent organization before or during change.

S3 The organization's policy calls for only one user with super user right. The Network Administrator went on study leave for 1 yr. and the Network Supervisor was made an adhoc administrator and allotted the super user rights. After joining of the Network Administrator from leave, both of them continued with super user rights.

S4 An organization wants to dispose of 100 old Pentium PC's and to get new model P IV 2.6 GHz in exchange. What steps should it take to meet the requirement of ISO 27001: 2005?


Related Discussions:- Requirement of relevant control of iso

Explain the risk management strategies, Explain the Risk management strateg...

Explain the Risk management strategies Retain the risk If risk is small and won't affect company's profits, company does very little and lives with i

What is industry risk, What is Industry Risk An industry may be view...

What is Industry Risk An industry may be viewed as group of companies which compete with each other to market a homogeneous product. Industry risk is that portion of an  inv

Measure of market risk, Question: DGI Investors is responsible for man...

Question: DGI Investors is responsible for managing the investment portfolio of Carnegie University Trust which has a market value of $ 100m. The new appointed chairman of t

Risk and Return – Stock Valuation, The Case: Recently after graduating from...

The Case: Recently after graduating from Local Business College (LBC), you have started your own investment consultancy firm – Prudent Consultants (PC’s) to earn your livelihood. M

Risk Analysis & Modelling , Fire Risk model 1 1. Introduction The new All...

Fire Risk model 1 1. Introduction The new All-Scotland Fire Authority wishes to maximise the effectiveness of the service it provides to the Public, given the reduced budget it w

Risk, Explain how budget planning is related risk management

Explain how budget planning is related risk management

Stock exchange, what are the listing procedures for a company in internatio...

what are the listing procedures for a company in international stock exchange

Steps that a project manager include in risk management, Risk management is...

Risk management is an important aspect of managing a project in order to ensure that the project objectives are completed successfully and with the minimum of undesirable events. T

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd