IT Management & Cyber Security

ISO 27001 Annex : A.8.3 Media Handling  Its objective is  to Stop unauthorized release, alteration, deletion, or destruction of information contained in the media. A.8.3.1 Management of Removable Media Control-  Procedures shall be implemented for the  management  of removable media in accordance with the classification scheme adopted by the organization. Implementation Guidance-  The following guidelines should be considered for the management of removable media: If not needed, the contents of any reusable media that are to be removed from the  organization  should be made unrecoverable; Where applicable and practicable, authorization should be needed for the removal of media from the company and a record of these removals should be maintained in order to preserve the audit trail; In compliance with manufacturers’ standards, all media should be kept in a secure and safe environment; Where confidentiality or integrity of data is im...

ISO 27001 Annex : A.6.2 Mobile Devices and Teleworking  its objective is to  ensure the security of teleworking and the use of mobile devices. A.6.2.1  Mobile Device Policy   Control-  To manage the  risks   introduced by the use of mobile devices, a policy and supporting safety measures should be adopted.   Implementation Guidance-  Special care should be taken when using mobile devices to ensure that business information is not compromised. The policy on mobile devices should take into account the risks of working with mobile devices in unprotected environments. Related Product :  ISO 27001 Lead Auditor Training And Certification ISMS Mobile device policy should include:- Registration of mobile devices; Requirements for physical protection; Restriction of software installation; Requirements for mobile device software versions and for applying patches; Restriction of connection to information services; Access contr...