Mengenai perbedaan antara ISO 27001:2013 dan ISO 27001:2005 di antaranya adalah susunan kendali keamanan pada Annex A telah berubah menjadi:
- A.5: Information security policies
- A.6: Information security organisation
- A.7: Human resources security
- A.8: Asset management
- A.9: Access controls and managing user access
- A.10: Cryptographic technology
- A.11: Physical security
- A.12: Operational security
- A.13: Secure communications and data transfer
- A.14: Secure acquisition, development, and support of information systems
- A.15: Security for suppliers and third parties
- A.16: Incident management
- A.17: Business continuity/disaster recovery
- A.18: Compliance
This blog is very useful to me, Thanks for sharing....
ReplyDeleteiso 27001:2013 adalah