Tag: auditor

ISO 27001

ISO 27001 Annex : A.8.1.3 Acceptable Use of Assets & A.8.1.4 Return of Assets

info savvy

ISO 27001 Annex : A.8.1.3 Acceptable Use of Assets & A.8.1.4 Return of Assets this is a part of assets management previous article was based on same which is continue in this article.

A.8.1.3 Acceptable Use of Assets

Control- Rules should be identified, documented, and implemented for the acceptable use of information and assets linked to information and information processing facilities.

Implementation Guidance- The information security requirements of the organization’s assets along with information and information processing facilities and resources should be made aware to employees and external users who use or have access to the company ‘s assets. They will be responsible for their use and all other usage carried out on their own responsibility, of any information processing services.

Related Product : ISO 27001 Lead Auditor Training And Certification ISMS

A.8.1.4 Return of Assets

Control- Both workers and external stakeholders must return all of the organizational assets in their possession upon termination of their job, contract or agreement

Implementation Guidance- The termination process must be legally concluded with the return of all tangible and electronic assets previously assigned owned or entrusted to the organization.

When an employee or external user buys the equipment of the company or uses his / her own personal equipment, it is important to follow protocols to ensure that all relevant information is transmitted to the company and safely removed from the equipment.

In situations where an employee or external user is aware that this information is necessary for ongoing operations, it should be reported and transmitted to the organization. During the notice period of termination, unauthorized copying of sensitive information ( e.g. intellectual property) by terminated workers and contractors should be monitored by the company.

Also Read : ISO 27001 Annex : A.8 Asset Management

At Infosavvy we have our trainers as our assets who are skilled and well-trained in various courses in the field of information security and we are also eligible for one of the most important certificates in the area of information security. i.e. IRCA CQI ISO 27001:2013 Lead Auditor (LA) and ISO 27001 Lead Implementer (LI) (TÜV SÜD Certification) . Our trainers can empower you to do better asset management by providing you with in-depth information and numerous examples for the same, helping the applicant to improve their skills and do well.

Read More : https://www.info-savvy.com/iso-27001-annex-a-8-1-3-acceptable-use-of-assets-a-8-1-4-return-of-assets/

This Blog Article is posted byInfosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092

Contact us – www.info-savvy.com

https://g.co/kgs/ttqPpZ

ISO 27001

ISO 27001 Annex : A.7.3 Termination and Change of Employment

info savvy

ISO 27001 Annex : A.7.3 Termination and Change of Employment Its objective is to safeguard the interests of the organization as part of the adjustment or termination of employment.

A.7.3.1 Termination or change of Employment Responsibilities

Control- Responsibility and information security requirements that continue to be valid following termination or change of employment must be defined, communicated to, and implemented by the employee or contractor.

Implementation Guidance- Communication of termination duties may include on-going information security requirements and legal responsibilities and, as applicable, the duties found in the confidentiality arrangement and the terms and conditions of employment to be maintained for a specified time following the termination of the job of the employee or contractor.

Responsibilities and duties still valid after termination must be included in the terms and conditions of employment of the employee/contractor.

As a termination of existing responsibility or employment combined with additional duties, changes of responsibility or employment should be managed.

Related Product : ISO 27001 Lead Auditor Training And Certification ISMS

Annex 7.3 of the Standard ISO 27002 addresses various activities involved in Termination or Change of Employment. At Infosavvy , we have skilled trainers who can help you improve your skillsets in information security and gain in-depth knowledge about ISO standards. We also qualify for one of the highest information security certificates IRCA CQI ISO 27001:2013 Lead Auditor (LA) and ISO 27001 Lead Implementer (LI) (TÜV SÜD Certification), this certificate helps you to develop the expertise needed to carry out an ISMS audit, by implementing widely recognized auditing principles, practices and techniques.

Also Read : ISO 27001 Annex : A.7.2 During Employment

Other Information- The human resource function is generally responsible for the overall termination process and works with the supervisor to manage the safety measures of the relevant procedures. This termination process is carried out by an external party in compliance with the arrangement between the organization and the external party in the event of a contractor appointed by an external party. Changes in personnel and operating arrangements may be required to inform employees, clients, and contractors.

Read More : https://www.info-savvy.com/iso-27001-annex-a-7-3-termination-and-change-of-employment/

Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092

Contact us – www.info-savvy.com

https://g.co/kgs/ttqPpZ