In this ISO 27001 training video I show you how to implement ISO 27001 Annex A 5.12 Classification Of Information.
You will learn:
• What is ISO 27001 Annex A 5.12
• How to implement ISO 27001 Annex A 5.12
The Ultimate ISO 27001 Toolkit
► Do It Yourself ISO 27001 with the Ultimate ISO 27001 Toolkit: hightable.io/product/iso-2700...
Chapters
00:00 What is ISO 27001 Annex A 5.12 Classification Of Information?
00:26 What is information classification?
01:35 Information Classification Scheme
05:50 The Standard Guidance and Example
06:36 Implementation Overview
06:50 How to implement ISO 27001 Annex A 5.12
13:34 ISO 27001 Templates
13:49 What will an auditor check?
14.43 Common Mistakes People Make
15:41 Why is ISO 27001 Annex A 5.12 important?
16:38 Conclusion
What is ISO 27001 Annex A 5.12 Classification Of Information?
ISO 27001 Annex A 5.12 Classification of Information is an ISO 27001 control that requires that an organisation should classify information based on the needs of the organisation and relevant interest parities.
What is the purpose of ISO 27001 Annex A 5.12?
The purpose of ISO 27001 Annex A 5.12 is to ensure the identification and understanding of the protection needs of information in accordance with its importance to the organisation.
ISO 27001 Annex A 5.12 Implementation Guide
To implement ISO 27001 Annex A 5.12 you will
1. Have an Information Classification and Handling Policy
2. Have a classification scheme
3. Base on business need
4. Consider legal requirements
5. Information Owners decide the classification
6. Review and update information classification
7. Align to the topic specific policy requirement for access control
8. Be consistent across the organisation
9. Be Consistent between Organisations
How to comply with ISO 27001 Annex A 5.12
To comply with ISO 27001 Annex A 5.12 you are going to implement the ‘how’ to the ‘what’ the control is expecting. In short measure you are going to:
- Decide on your information classification scheme
- Have a data asset register
- Assign owners to the data assets
- Have the data owners decide on the classification level of the information
- Put in place controls to protect the information that are based on the classification
► Read the blog that accompanies the video: hightable.io/iso-27001-annex-...
💻 Website: hightable.io
SUBSCRIBE / @stuartbarker
#iso27001 #isms
Негізгі бет How to implement ISO 27001 Annex A 5.12 Classification Of Information and pass the audit
Пікірлер