In this video tutorial I show you how to create an Access Control Policy in under 5 minutes.
You can download an up to date version of the template used here:
hightable.io/product/access-c...
This step by step tutorial walks you through defining the contents of the Access Control Policy, including the purpose, scope, and principles. We cover sections on confidentiality agreements, role-based access, unique identifiers, access authentication, access rights review, privileged accounts, passwords, user account provisioning, leavers, remote access, third-party remote access, monitoring and reporting, and policy compliance.
Some of the key points from the access control policy include:
- Access is granted on the principle of least privilege.
- Users are assigned unique usernames and identifiers.
- Remote access requires two-factor authentication.
It is a requirement of the ISO 27001:2002 standard and is referenced in ISO 27001 Annex A 5.15 Access Control.
Chapters
00:00 Introduction
00:24 ISO 27001 Access Control Policy template
00:37 ISO 27001 Toolkit
00:49 Implementation Guide
01:01 Contents
01:43 Purpose
01:53 Scope
02:10 Principle
02:24 Confidentiality Agreements
02:41 Roles Based Access
02:54 Unique Identifier
03:11 Access Authentication
03:22 Access Rights Review
03:52 Privilege / Admin Accounts
04:43 Passwords
06:14 User Account Provisioning
06:52 Leavers
07:16 Authentication
08:37 Remote Access
09:03 Third Party Remote Access
09:32 Monitoring and Reporting
09:47 Policy Compliance
09:56 Summary
- - - - - - - - - -
🧰 The Ultimate ISO 27001 Toolkit: hightable.io/ISO-27001-toolkit/
- - - - - - - - - -
🖤 SUBSCRIBE to the ISO 27001 with Stuart channel for high-quality free ISO 27001 videos, training and learning for all.
/ stuartbarker
- - - - - - - - - -
💻 Website: hightable.io
- - - - - - - - - -
Негізгі бет How to create an Access Control Policy in under 5 minutes
Пікірлер