Sign up to save your podcasts
Or
Share How to Build IT Accountability with SoD (ISO 27001 Control 5.3)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
How to Build IT Accountability with SoD (ISO 27001 Control 5.3)
In this episode of The ITSM Practice, Luigi Ferri explores ISO/IEC 27001:2022 Control 5.3 – Segregation of Duties (SoD). Learn how to reduce risk, design accountability, and strengthen your ISMS with actionable SoD strategies, especially in ITIL 4 environments. Master RBAC, role clarity, and audit readiness to build trust into your IT processes by design.
In this episode, we answer to:
How does ISO 27001:2022 Control 5.3 define and implement Segregation of Duties?
What are effective ways to apply RBAC and SoD in small or resource-limited teams?
How can organizations monitor, log, and prove SoD compliance for audits?
Resources Mentioned in this Episode:
ISMS-Online, article "ISO 27001:2022 Annex A 5.3 – Segregation of duties", link https://de.isms.online/iso-27001/annex-a/5-3-segregation-of-duties-2022/
Morgan Hill website, template "ISO/IEC 27002:2022 | 5.3 - Segregation of Duties Policy Template", link https://morganhillcg.com/blog/item/iso-iec-27002-2022-5-3-segregation-of-duties-policy-template-2
HighTable, article "The Ultimate Guide to ISO 27001:2022 Clause 5.3: Organisational Roles, Responsibilities and Authorities", link https://hightable.io/iso-27001-clause-5-3-organisational-roles-responsibilities-and-authorities/
Connect with me on:
LinkedIn: https://www.linkedin.com/in/theitsmpractice/
Website: http://www.theitsmpractice.com
And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.
Credits:
Sound engineering by Alan Southgate - http://alsouthgate.co.uk/
Graphics by Yulia Kolodyazhnaya
View all episodes
By Luigi FerriIn this episode of The ITSM Practice, Luigi Ferri explores ISO/IEC 27001:2022 Control 5.3 – Segregation of Duties (SoD). Learn how to reduce risk, design accountability, and strengthen your ISMS with actionable SoD strategies, especially in ITIL 4 environments. Master RBAC, role clarity, and audit readiness to build trust into your IT processes by design.
In this episode, we answer to:
How does ISO 27001:2022 Control 5.3 define and implement Segregation of Duties?
What are effective ways to apply RBAC and SoD in small or resource-limited teams?
How can organizations monitor, log, and prove SoD compliance for audits?
Resources Mentioned in this Episode:
ISMS-Online, article "ISO 27001:2022 Annex A 5.3 – Segregation of duties", link https://de.isms.online/iso-27001/annex-a/5-3-segregation-of-duties-2022/
Morgan Hill website, template "ISO/IEC 27002:2022 | 5.3 - Segregation of Duties Policy Template", link https://morganhillcg.com/blog/item/iso-iec-27002-2022-5-3-segregation-of-duties-policy-template-2
HighTable, article "The Ultimate Guide to ISO 27001:2022 Clause 5.3: Organisational Roles, Responsibilities and Authorities", link https://hightable.io/iso-27001-clause-5-3-organisational-roles-responsibilities-and-authorities/
Connect with me on:
LinkedIn: https://www.linkedin.com/in/theitsmpractice/
Website: http://www.theitsmpractice.com
And if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.
Credits:
Sound engineering by Alan Southgate - http://alsouthgate.co.uk/
Graphics by Yulia Kolodyazhnaya