iFour Consultancy
Control A.18 : Compliance
Contents
• A.18.1
  • A.18.1.1 – A.18.1.5
• A.18.2
  • A.18.2.1 – A.18.2.3
• References
Application Development Company India http://www.ifourtechnolab.com
A.18.1
• This control is about compliance with legal and contractual requirements.
• Control objective:
  • To avoid breaches of legal, statutory, regulatory or contractual obligations related to information security and of any security requirements.
• The organization has to follow its legal and contractual requirements; otherwise a non-conformity can be raised against it.
A.18.1.1
• This control covers the identification of applicable legislation and contractual requirements.
• Control objective:
  • All relevant legislative, statutory, regulatory and contractual requirements, and the organization's approach to meeting these requirements, shall be explicitly identified, documented and kept up to date for each information system and for the organization.
A.18.1.2 : Intellectual property rights
• This control is about all intellectual property rights, such as copyright and patents, and aims to prevent unauthorized access to the organization's intellectual property.
• Control objective:
  • Appropriate procedures shall be implemented to ensure compliance with legislative, regulatory and contractual requirements related to intellectual property rights and the use of proprietary software products.
A.18.1.3 : Protection of records
• Control A.18.1.3 explains how records should be protected against loss, including loss caused by a natural disaster such as an earthquake or a fire.
• The organization should take safety measures for business continuity and disaster recovery.
• Control objective:
  • Records shall be protected from loss, destruction, falsification, unauthorized access and unauthorized release, in accordance with legislatory, contractual and business requirements.
A.18.1.4 and A.18.1.5
• Control A.18.1.4 : Privacy and protection of personally identifiable information
  • Objective of A.18.1.4: Privacy and protection of personally identifiable information shall be ensured as required in relevant legislation and regulation where applicable.
• Control A.18.1.5 : Regulation of cryptographic controls
  • Objective of A.18.1.5: Cryptographic controls shall be used in compliance with all relevant agreements, legislation and regulations.
A.18.2 : Information security reviews
• Control objective:
  • To ensure that information security is implemented and operated in accordance with the organizational policies and procedures.
• Organizational policies and procedures are reviewed by an auditor.
• If these policies are not being complied with, the auditor raises a non-conformity or makes a suggestion.
A.18.2.1
• This control is about the independent review of information security.
• Control objective:
  • The organization's approach to managing information security and its implementation shall be reviewed independently at planned intervals or when significant changes occur.
• The implementation of information security that is reviewed covers:
  • Control objectives
  • Controls
  • Policies
  • Processes
  • Procedures
A.18.2.2 and A.18.2.3
• A.18.2.2 : Compliance with security policies and standards
  • Control objective: Managers shall regularly review the compliance of information processing and procedures within their area of responsibility with the appropriate security policies, standards and any other security requirements.
• A.18.2.3 : Technical compliance review
  • Control objective: Information systems shall be regularly reviewed for compliance with the organization's information security policies and standards.
References
• http://www.slideshare.net/null0x00/iso-27001-2013-changes
• http://www.bsigroup.com/LocalFiles/en-GB/iso-iec-27001/resources/BSI-ISO27001-transition-guide-UK-EN-pdf.pdf
• https://en.wikipedia.org/wiki/ISO/IEC_27001:2013
• http://www.iso27001security.com/html/27001.html
iFour Consultancy Services
• Visit these websites for more details:
  • http://www.ifour-consultancy.com
  • http://www.ifourtechnolab.com
THANK YOU!!!