opexxx

Information Security Assessment ISA4.txt

May 5th, 2021 (edited)
01.1 Release of an Information Security Management System (ISMS)
01.2 IS Risk Management
01.3 Effectiveness of the ISMS
05.1 Information Security Policy
06.1 Assigning responsibility for information security
06.2 Information Security in projects
06.3 Mobile devices
06.3.a (new) Teleworking
06.4 Roles and responsibilities for external IT service providers
07.1 Contractual information security obligation of employees
07.1.a (new) Qualification of employee(s)
07.2 Awareness and training of employees
08.1 Inventory of assets
08.2 Classification of information
08.3 Storage of information on mobile data storage devices
08.4 Removal of externally stored information assets
09.1 Access to networks and network services
09.2 User registration
09.2.a (new) Handling of identification means
09.3 Privileged user accounts
09.4 Confidentiality of authentication data
09.5 Access to information and applications
09.6 Separation of information in shared environments
10.1 Encryption
11.1 Security zones
11.2 Protection against external influences and external threats
11.3 Protective measures in the delivery and shipping area
11.4 Use of equipment
12.1 Change Management
12.2 Separation of development, testing and operational environments
12.3 Protection against malware
12.4 Backup procedures
12.5 Event logging
12.6 Logging administration activities
12.7 Tracing of vulnerabilities (patch management)
12.8 Review of information systems
12.9 Consideration of critical administrative functions of cloud services
13.1 Management of networks
13.2 Security requirements for networks/services
13.3 Separation of networks (network segmentation)
13.4 Electronic exchange of information
13.5 Non-disclosure agreements for information exchange with third parties
14.1 Requirements for the acquisition of information systems
14.2 Security in the software development process
14.3 Management of test data
14.4 Approval of external IT services
15.1 Risk management in collaboration with suppliers
15.2 Review of service provision by suppliers
16.1 Reporting system for information security incidents (incident management)
16.2 Processing of information security incidents
17.1 Information Security Aspects of Business Continuity Management (BCM)
18.1 Legal and contractual provisions
18.2 Confidentiality and protection of personally identifiable data
18.3 Audit of the ISMS by independent bodies
18.4 Effectiveness check