InfoSec Insider

ISO 27001 Information Security Management Controls



In this episode of InfoSec Insider, Mark O’Kane, Consultant at URM, offers his insights into the information security management controls within Annex A of ISO 27001, which comprise the first eight controls of Annex A’s ‘Organisational’ control theme. Mark leverages his extensive experience supporting ISO 27001 implementations to discuss:

  • What the organisational controls are, and how the first eight fit into the overall aim of the ‘Organisational’ control theme
  • The role of management and senior leadership in relation to information security, and how leadership is linked to the creation of information security policies
  • The importance of segregation of duties and clearly defined roles and responsibilities in addressing information security risk
  • How maintaining contact with authorities, special interest groups, and threat intelligence sources can help you address both security risks that may materialise and security incidents that have occurred
  • Common challenges and mistakes associated with implementing these controls, and how they can be overcome

    Learn more about this topic: https://www.urmconsulting.com/blog/iso-27001-2022-a-5-organisational-controls-information-security-management

    If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here:  https://ratethispodcast.com/infosecinsider  

    You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts

    Brought to you by URM, the UK’s leading information and cyber security specialists.  


    InfoSec Insider, by URM Consulting