iFour Consultancy
Control A.18 : Compliance

Contents
• A.18.1
  - A.18.1.1 – A.18.1.5
• A.18.2
  - A.18.2.1 – A.18.2.3
• References
Application Development Company India http://www.ifourtechnolab.com

A.18.1
This control is about compliance with legal and contractual requirements.
Control objective:
• To avoid breaches of legal, statutory, regulatory or contractual obligations related to information security and of any security requirements.
• The organization has to follow legal and contractual requirements; otherwise a non-conformity can be given to that organization.

A.18.1.1
• This control explains identification of applicable legislation and contractual requirements.
• Control objective:
  - All relevant legislative statutory, regulatory, contractual requirements and the organization’s approach to meet these requirements shall be explicitly identified, documented and kept up to date for each information system and the organization.

A.18.1.2 : Intellectual property rights
• This control is about all intellectual property rights, such as copyright and patents, to avoid unauthorized access to the intellectual property of the organization.
Control objective:
• Appropriate procedures shall be implemented to ensure compliance with legislative, regulatory and contractual requirements related to intellectual property rights and use of proprietary software products.

A.18.1.3 : Protection of records
• Control A.18.1.3 explains how records should be protected after any natural disaster, such as an earthquake or fire, or any loss.
• The organization should take safety measures for business continuity and disaster recovery.
• Control objective:
  - Records shall be protected from loss, destruction, falsification, unauthorized access and unauthorized release, in accordance with legislatory, contractual and business requirements.

A.18.1.4 and A.18.1.5
• Control A.18.1.4 : Privacy and protection of personally identifiable information
• Objective of A.18.1.4:
  - Privacy and protection of personally identifiable information shall be ensured as required in relevant legislation and regulation where applicable.
• Control A.18.1.5 : Regulation of cryptographic controls
• Objective of A.18.1.5:
  - Cryptographic controls shall be used in compliance with all relevant agreements, legislation and regulations.

A.18.2 : Information security reviews
• Control objective:
  - To ensure that information security is implemented and operated in accordance with the organizational policies and procedures.
• Organizational policies and procedures are reviewed by an auditor.
• If these policies are not compliant, the auditor will give a non-conformity or a suggestion.

A.18.2.1
• This control is about independent review of information security.
• Control objective:
  - The organization’s approach to managing information security and its implementation shall be reviewed independently at planned intervals or when significant changes occur.
• Implementation of information security:
  - Control objectives
  - Controls
  - Policies
  - Processes
  - Procedures

A.18.2.2 and A.18.2.3
• A.18.2.2 : Compliance with security policies and standards
• Control objective:
  - Managers shall regularly review the compliance of information processing and procedures within their area of responsibility with the appropriate security policies, standards and any other security requirements.
• A.18.2.3 : Technical compliance review
• Control objective:
  - Information systems shall be regularly reviewed for compliance with the organization’s information security policies and standards.

References
• http://www.slideshare.net/null0x00/iso-27001-2013-changes
• http://www.bsigroup.com/LocalFiles/en-GB/iso-iec-27001/resources/BSI-ISO27001-transition-guide-UK-EN-pdf.pdf
• https://en.wikipedia.org/wiki/ISO/IEC_27001:2013
• http://www.iso27001security.com/html/27001.html

iFour Consultancy Services
• Visit these websites for more details:
  - http://www.ifour-consultancy.com
  - http://www.ifourtechnolab.com
THANK YOU!!!