Asset management: Responsibility for assets (Clause A.8.1)

Contents

• Introduction Introduction

  • Introduction to the Annex A controls

    1m 56s
• 1. Policies and the Organization of Information Security (Clauses A.5 and A.6) 1. Policies and the Organization of Information Security (Clauses A.5 and A.6)

  • (Locked)
    Management direction for information security (Clause A.5.1)

    3m 26s
  • Information security roles and responsibilities and segregation of duties (Clauses A.6.1.1 and A.6.1.2)

    3m 12s
  • (Locked)
    Contact with authorities and special interest groups and information security in project management (Clauses A.6.1.3, A.6.1.4, and A.6.1.5)

    4m 41s
  • Mobile device policy and teleworking (Clauses A.6.2.1 and A.6.2.2)

    2m 47s
• 2. Human Resources Security (Clause A.7) 2. Human Resources Security (Clause A.7)

  • (Locked)
    Human resources security: Prior to employment (Clause A.7.1)

    3m 17s
  • Human resources security: During employment (Clause A.7.2)

    3m 46s
  • (Locked)
    Human resources security: Termination and change of employment (Clause A.7.3)

    2m 9s
• 3. Asset Management (Clause A.8) 3. Asset Management (Clause A.8)

  • (Locked)
    Asset management: Responsibility for assets (Clause A.8.1)

    3m 39s
  • Asset management: Information classification (Clause A.8.2)

    4m 27s
  • (Locked)
    Asset management: Media handling (Clause A.8.3)

    3m 20s
• 4. Access Control and Cryptography (Clauses A.9 and A.10) 4. Access Control and Cryptography (Clauses A.9 and A.10)

  • (Locked)
    Access control: Business requirements of access control (Clause A.9.1)

    3m 16s
  • (Locked)
    Access control: User access management and user responsibilities (Clauses A.9.2 and A.9.3)

    6m 41s
  • (Locked)
    Access control: System and application access control (Clause A.9.4)

    6m 8s
  • (Locked)
    Cryptography: Cryptographic controls (Clause A.10.1)

    3m 17s
• 5. Physical and Environmental Security (Clause A.11) 5. Physical and Environmental Security (Clause A.11)

  • (Locked)
    Physical and environmental security: Secure areas (Clause A.11.1)

    4m 55s
  • (Locked)
    Physical and environmental security: Equipment (Clause A.11.2)

    6m 17s
• 6. Operations Security (Clause A.12) 6. Operations Security (Clause A.12)

  • (Locked)
    Operations security: Operational procedures and responsibilities (Clause A.12.1)

    5m 11s
  • (Locked)
    Operations security: Protection from malware (Clause A.12.2)

    1m 46s
  • (Locked)
    Operations security: Backup (Clause A.12.3)

    1m 51s
  • (Locked)
    Operations security: Logging and monitoring (Clause A.12.4)

    5m
  • (Locked)
    Operations security: Control of operational software (Clause A.12.5)

    1m 42s
  • (Locked)
    Operations security: Technical vulnerability management (Clause A.12.6)

    2m 55s
  • (Locked)
    Operations security: Information systems audit considerations (Clause A.12.7)

    1m 48s
• 7. Communications Security (Clause A.13) 7. Communications Security (Clause A.13)

  • (Locked)
    Communications security: Network security management (Clause A.13.1)

    3m 45s
  • (Locked)
    Communications security: Information transfer (Clause A.13.2)

    4m 29s
• 8. System Acquisition, Development, and Maintenance (Clause A.14) 8. System Acquisition, Development, and Maintenance (Clause A.14)

  • (Locked)
    System lifecycle: Security requirements of information systems (Clause A.14.1)

    4m 5s
  • (Locked)
    System lifecycle: Security in development and support processes (Clause A.14.2)

    6m 15s
  • (Locked)
    System lifecycle: Test data (Clause A.14.3)

    1m 48s
• 9. Supplier Relationships (Clause A.15) 9. Supplier Relationships (Clause A.15)

  • (Locked)
    Supplier relationships: Information security in supplier relationships (Clause A.15.1)

    3m 26s
  • (Locked)
    Supplier relationships: Supplier service delivery management (Clause A.15.2)

    2m 49s
• 10. Incident Management and Continuity (Clauses A.16 and A.17) 10. Incident Management and Continuity (Clauses A.16 and A.17)

  • (Locked)
    Management of information security incidents and improvements (Clause A.16.1)

    6m 1s
  • (Locked)
    Information security continuity and redundancies (Clauses A.17.1 and A.17.2)

    5m 2s
• 11. Compliance (Clause A.18) 11. Compliance (Clause A.18)

  • (Locked)
    Compliance: Compliance with legal and contractual requirements (Clause A.18.1)

    5m 7s
  • (Locked)
    Compliance: Information security reviews (Clause A.18.2)

    3m 12s
• Conclusion Conclusion

  • (Locked)
    Next steps for complying with ISO 27001

    1m 35s