Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Control a.18 compliance - by software outsourcing company in India

This presentation explain the ISO Control a.18 compliance by software outsourcing company in India
http://www.ifourtechnolab.com/

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to comment

  • Be the first to like this

Control a.18 compliance - by software outsourcing company in India

  1. 1. iFour ConsultancyControl A.18 : Compliance
  2. 2.  A.18.1  A.18.1.1 – A.18.1.5  A.18.2  A.18.2.1 – A.18.2.3  References Contents Application Development Company Indiahttp://www.ifourtechnolab.com
  3. 3. A.18.1 This control is about compliance with legal and contractual requirements. Control objective:  To avoid breaches of legal, statutory, regulatory or contractual obligations related to information security and of any security requirements.  Organization has to follow legal and contractual requirements otherwise non-conformity can be given to that organization. Application Development Company Indiahttp://www.ifourtechnolab.com
  4. 4.  This control explains identification of applicable legislation and contractual requirements.  Control objective:  All relevant legislative statutory, regulatory, contractual requirements and the organization’s approach to meet these requirements shall be explicitly identified, documented and kept up to date for each information system and the organization. A.18.1.1 Application Development Company Indiahttp://www.ifourtechnolab.com
  5. 5. A.18.1.2 : Intellectual property rights  This control is about all intellectual property rights like copyright, patent etc to avoid unauthorized access to intellectual property of organization. Control Objective:  Appropriate procedures shall be implemented to ensure compliance with legislative, regulatory and contractual requirements related to intellectual property rights and use of proprietary software products. Application Development Company Indiahttp://www.ifourtechnolab.com
  6. 6.  Control A.18.1.3 explains how records should be protected after any natural disaster like earthquake, fire or any loss.  Organization should take safety measures for business continuity and disaster recovery.  Control objective:  Records shall be protected from loss, destruction, falsification, unauthorized access and unauthorized release, in accordance with legislatory, contractual and business requirements. A.18.1.3 : Protection of records Application Development Company Indiahttp://www.ifourtechnolab.com
  7. 7. A.18.1.4 and A.18.1.5  Control A.18.1.4 : Privacy and protection of personally identifiable information  Objective of A.18.1.4:  Privacy and protection of personally identifiable information shall be ensured as required in relevant legislation and regulation where applicable.  Control A.18.1.5 : Regulation of cryptographic controls  Objective of A.18.1.5:  Cryptographic controls shall be used in compliance with all relevant agreements, legislation and regulations. Application Development Company Indiahttp://www.ifourtechnolab.com
  8. 8. A.18.2 : Information security reviews  Control Objective:  To ensure that information security is implemented and operated in accordance with the organizational policies and procedures.  Organizational policies and procedures are reviewed by an auditor.  If these policies are not compliant then auditor will give non-conformity or suggestion. Application Development Company Indiahttp://www.ifourtechnolab.com
  9. 9.  This control is about Independent review of information security.  Control objective:  The organization’s approach to managing information security and its implementation shall be reviewed independently at planned intervals or when significant changes occur.  Implementation of information security:  Control objectives  Controls  Policies  Processes  Procedures A.18.2.1 Application Development Company Indiahttp://www.ifourtechnolab.com
  10. 10.  A.18.2.2 : Compliance with security policies and standards  Control objective:  Managers shall regularly review the compliance of information processing and procedures within their area of responsibility with the appropriate security policies, standards and any other security requirements.  A.18.2.3 : Technical compliance review  Control objective:  Information systems shall be regularly reviewed for compliance with the organization’s information security policies and standards. A.18.2.2 and A.18.2.3 Application Development Company Indiahttp://www.ifourtechnolab.com
  11. 11. References http://www.slideshare.net/null0x00/iso-27001-2013-changes http://www.bsigroup.com/LocalFiles/en-GB/iso-iec-27001/resources/BSI- ISO27001-transition-guide-UK-EN-pdf.pdf https://en.wikipedia.org/wiki/ISO/IEC_27001:2013 http://www.iso27001security.com/html/27001.html Application Development Company Indiahttp://www.ifourtechnolab.com
  12. 12. iFour Consultancy Services  Visit these websites for more details: http://www.ifour-consultancy.com http://www.ifourtechnolab.com THANK YOU!!! Application Development Company Indiahttp://www.ifourtechnolab.com

    Be the first to comment

    Login to see the comments

This presentation explain the ISO Control a.18 compliance by software outsourcing company in India http://www.ifourtechnolab.com/

Views

Total views

276

On Slideshare

0

From embeds

0

Number of embeds

1

Actions

Downloads

46

Shares

0

Comments

0

Likes

0

×