In this tutorial video I show you how to implement ISO 27001 Annex A 5.8 Information Security In Project Management to pass the audit. This step-by-step tutorial walks you through how to implement it and pass the audit, the common mistakes people make, and what an auditor will look for.
I show you exactly what changed in the ISO 27001:2022 update and exactly what you need to do for ISO 27001 certification.
What is ISO 27001 Annex A 5.8 Information Security In Project Management?
ISO 27001 Annex A 5.8 Information Security In Project Management is an ISO 27001 control that requires you to ensure that information security is included in your project management methodology. It does not dictate which project management methodology to use; rather, it sets out guidelines for including information security in your current way of delivering projects.
How to implement ISO 27001 Annex A 5.8 Information Security In Project Management
Project management is about how you deliver projects or discrete elements of work.
1. Define your project management methodology
You can choose off-the-shelf project management approaches such as Agile, Sprint, Waterfall or PRINCE2, or you can have your own bespoke approach to projects. Whichever approach you take, ensure that it is documented and that the process is repeatable.
2. Assess your methodology for information security
Review your methodology to ensure it includes steps that directly address information security. If it does not, amend it so that it does.
3. Operate your project management methodology
Operate your projects in line with the documented process and be able to evidence the process in operation with example projects that have followed it.
Examples of information security in Project Management
The following are examples of where information security can be included in the project management process:
- at project initiation
- at project definition
- at project build and implement
- at project test
- at project go live
- during the operation of the project deliverable
Do It Yourself ISO 27001
► Do It Yourself ISO 27001 with the Ultimate ISO 27001 Toolkit: hightable.io/product/iso-2700...
Chapters
00:00 Introduction
00:26 What is ISO 27001 Annex A 5.8 Information Security In Project Management
00:55 Requirement
01:15 How to implement ISO 27001 Annex A 5.8 Information Security In Project Management
02:07 Identifying where to cover information security
03:35 Project Definition Stage
04:15 Risk Management
04:41 Project Build Stage
05:37 Implementation Summary
06:03 Common Mistakes People Make
07:30 Conclusion
Resources and Links
► Read the blog that accompanies the video: hightable.io/iso-27001-annex-...
#iso27001 #isms